U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1251 through 1275 of 13539 matching records.
Publications SP 800-163 Rev. 1 April 19, 2019
https://csrc.nist.rip/publications/detail/sp/800-163/rev-1/final

Abstract: Mobile applications have become an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications, securing these mobile applications from vulnerabilities and defects becomes more important. This paper outlines and details a m...

Publications ITL Bulletin April 9, 2019
https://csrc.nist.rip/publications/detail/itl-bulletin/2019/04/standardize-threshold-schemes-for-cryptographic-primitives/final

Abstract: This bulletin summarizes the information found in NISTIR 8214: Threshold Schemes for Cryptographic Primitives. NIST is interested in promoting the security of implementations of cryptographic primitives. This security depends not only on the theoretical properties of the primitives but also on the a...

Publications Conference Proceedings April 1, 2019
https://csrc.nist.rip/publications/detail/conference-paper/2019/04/01/browser-fingerprinting-using-combinatorial-sequence-testing

Conference: Hot Topics in the Science of Security Abstract: In this paper, we report on the applicability of combinatorial sequence testing methods to the problem of fingerprinting browsers based on their behavior during a TLS handshake. We created an appropriate abstract model of the TLS handshake protocol and used it to map browser behavior to a feature ve...

Publications Journal Article April 1, 2019
https://csrc.nist.rip/publications/detail/journal-article/2019/better-circuits-for-binary-polynomial-multiplication

Journal: IEEE Transactions on Computers Abstract: We develop a new and simple way to describe Karatsuba-like algorithms for multiplication of polynomials over F2. We restrict the search of small circuits to a class of circuits we call symmetric bilinear. These are circuits in which AND gates only compute functions of the form ∑i∈Sai⋅∑i∈Sb...

Publications Conference Proceedings March 28, 2019
https://csrc.nist.rip/publications/detail/conference-paper/2019/03/28/smart-contract-federated-identity-management

Conference: Open Identity Summit 2019 Abstract: Federated identity management enables users to access multiple systems using a single login credential. However, to achieve this a complex privacy compromising authentication has to occur between the user, relying party (RP) (e.g., abusiness), and a credential service provider(CSP) that performs the...

Publications FIPS 140-3 March 22, 2019
https://csrc.nist.rip/publications/detail/fips/140/3/final

Abstract: The selective application of technological and related procedural safeguards is an important responsibility of every federal organization in providing adequate security in its computer and telecommunication systems.   This standard is applicable to all federal agencies that use cryptograph...

Publications SP 800-131A Rev. 2 March 21, 2019
https://csrc.nist.rip/publications/detail/sp/800-131a/rev-2/final

Abstract: The National Institute of Standards and Technology (NIST) provides cryptographic key management guidance for defining and implementing appropriate key management procedures, using algorithms that adequately protect sensitive information, and planning ahead for possible changes in the use of cryptogr...

Publications SP 800-56B Rev. 2 March 21, 2019
https://csrc.nist.rip/publications/detail/sp/800-56b/rev-2/final

Abstract: This Recommendation specifies key-establishment schemes using integer factorization cryptography (in particular, RSA). Both key-agreement and key transport schemes are specified for pairs of entities, and methods for key confirmation are included to provide assurance that both parties share the same...

Publications NISTIR 8214 March 1, 2019
https://csrc.nist.rip/publications/detail/nistir/8214/final

Abstract: The Computer Security Division at the National Institute of Standards and Technology is interested in promoting the security of implementations of cryptographic primitives. This security depends not only on the theoretical properties of the primitives but also on the ability to withstand attacks on...

Publications ITL Bulletin February 28, 2019
https://csrc.nist.rip/publications/detail/itl-bulletin/2019/02/the-next-generation-risk-management-framework-rmf/final

Abstract: This bulletin summarizes the information found in NIST SP 800-37, Revision 2: Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy which provides guidelines for applying the RMF to information systems and organizations.

Publications SP 800-38G Rev. 1 (Draft) February 28, 2019
https://csrc.nist.rip/publications/detail/sp/800-38g/rev-1/draft

Abstract: This Recommendation specifies two methods, called FF1 and FF3-1, for format-preserving encryption. Both of these methods are modes of operation for an underlying, approved symmetric-key block cipher algorithm. Compared to the original version of this publication, the tweak size for FF3-1 is smaller...

Publications SP 800-177 Rev. 1 February 26, 2019
https://csrc.nist.rip/publications/detail/sp/800-177/rev-1/final

Abstract: This document gives recommendations and guidelines for enhancing trust in email. The primary audience includes enterprise email administrators, information security specialists and network managers. This guideline applies to federal IT systems and will also be useful for small or medium sized organi...

Publications Conference Paper February 24, 2019
https://csrc.nist.rip/publications/detail/conference-paper/2019/02/24/rating-human-phishing-message-detection-difficulty

Conference: Workshop on Usable Security (USEC) 2019 Abstract: As organizations continue to invest in phishing awareness training programs, many Chief Information Security Officers (CISOs) are concerned when their training exercise click rates are high or variable, as they must justify training budgets to those who question the efficacy of training when click r...

Publications Conference Paper February 24, 2019
https://csrc.nist.rip/publications/detail/conference-paper/2019/02/24/exploring-children’s-password-knowledge-and-practices

Conference: Workshop on Usable Security (USEC) 2019 Abstract: Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous password, and this might well be a suboptimal ch...

Publications SP 1800-4 February 21, 2019
https://csrc.nist.rip/publications/detail/sp/1800-4/final

Abstract: This document proposes a reference design on how to architect enterprise-class protection for mobile devices accessing corporate resources. The example solutions presented here can be used by any organization implementing an enterprise mobility management solution. This project contains two distinct...

Publications White Paper (Draft) February 1, 2019
https://csrc.nist.rip/publications/detail/white-paper/2019/02/01/security-for-iot-sensor-networks/draft

Abstract: This document explores common components of sensor networks and the associated requirements for the secure functioning of the sensor network. For each component, the document lists exposed interfaces, applicable threats, and technologies that may be utilized to help ensure the security requirements....

Publications Journal Article February 1, 2019
https://csrc.nist.rip/publications/detail/journal-article/2019/elliptic-curves-arising-from-triangular-numbers

Journal: INTEGERS: The electronic journal of combinatorial number theory Abstract: We study the Legendre family of elliptic curves Et : y2 = x(x − 1)(x − ∆t), parametrized by triangular numbers ∆t = t(t + 1)/2. We prove that the rank of Et over the function field ¯Q(t) is 1, while the rank is 0 over Q(t). We also produce some infinite subfamilies whose Mordell-Weil rank is positiv...

Publications Journal Article February 1, 2019
https://csrc.nist.rip/publications/detail/journal-article/2019/rethinking-distributed-ledger-technology

Journal: Computer (IEEE Computer) Abstract: Distributed ledger technology (DLT) offers new and unique advantages for information systems, but some of its features are not a good fit for many applications. We review the properties of DLT and show how two recently developed ideas can be used to retain its advantages while simplifying design.

Publications NISTIR 8240 January 31, 2019
https://csrc.nist.rip/publications/detail/nistir/8240/final

Abstract: The National Institute of Standards and Technology is in the process of selecting one or more public-key cryptographic algorithms through a public competition-like process. The new public-key cryptography standards will specify one or more additional digital signature, public-key encryption, and key...

Publications Conference Proceedings January 28, 2019
https://csrc.nist.rip/publications/detail/conference-paper/2019/01/28/determining-forensic-data-requirements

Conference: 15th IFIP WG 11.9 International Conference on Digital Forensics Abstract: Hardware/server virtualization is commonly employed in cloud computing to enable ubiquitous access to shared system resources and provide sophisticated services. The virtualization is typically performed by a hypervisor, which provides mechanisms that abstract hardware and system resources from the...

Publications Journal Article December 21, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/network-attack-surface-resilience-against-zero-days

Journal: IEEE Transactions on Dependable and Secure Computing Abstract: The concept of attack surface has seen many applications in various domains, e.g., software security, cloud security, mobile device security, Moving Target Defense (MTD), etc. However, in contrast to the original attack surface metric, which is formally and quantitatively defined for a software, mos...

Publications Journal Article December 21, 2018
https://csrc.nist.rip/publications/detail/journal-article/2018/threat-modeling-for-cloud-infrastructures

Journal: EAI Endorsed Transactions on Security and Safety Abstract: Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastruc...

Publications SP 800-37 Rev. 2 December 20, 2018
https://csrc.nist.rip/publications/detail/sp/800-37/rev-2/final

Abstract: This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorizat...

Publications ITL Bulletin December 19, 2018
https://csrc.nist.rip/publications/detail/itl-bulletin/2018/12/securing-wireless-infusion-pumps/final

Abstract: This bulletin summarizes the information found in NIST SP 1800-8, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations which discusses the cybersecurity risks associated with medical devices, such as infusion pumps, which -- in today's world -- connect to a variety of healthcare sys...

Publications NISTIR 8241 December 17, 2018
https://csrc.nist.rip/publications/detail/nistir/8241/final

Abstract: Cryptography is an essential component of modern computing. Unfortunately, implementing cryptography correctly is a non-trivial undertaking. Past research studies have supported this observation by revealing a multitude of errors and pitfalls in the cryptographic implementations of software products...

<< first   < previous   39     40     41     42     43     44     45     46     47     48     49     50     51     52     53     54     55     56     57     58     59     60     61     62     63  next >  last >>