Journal: IEEE Security & Privacy Abstract: The history of cryptography standards is reviewed, with a view to planning for the challenges, uncertainties, and strategies that the standardization of postquantum cryptography will entail.
Journal: Rocky Mountain Journal of Mathematics Abstract: A Heron quadrilateral is a cyclic quadrilateral whose area and side lengths are rational. In this work, we establish a correspondence between Heron quadrilaterals and a family of elliptic curves of the form $y^2 = x^3 + \alpha x^2 - n^2 x$. This correspondence generalizes the notions of Goins and Maddox who estab...
Abstract: The National Institute of Standards and Technology has constructed a testbed to measure the performance impact induced by cybersecurity technologies on Industrial Control Systems (ICS). The testbed allows researchers to emulate real-world industrial manufacturing processes and their control systems...
Journal: Notices of the American Mathematical Society Abstract: This is a short opinion article discussing current research on post-quantum cryptography.
Conference: 2017 IEEE International Conference on Software Quality Reliability and Security (QRS-C 2017) Abstract: Software testing criteria differ in their effectiveness, the numbers of test cases required, and the processes of test generation. Specific criteria often are compared to random testing, and in some cases, random testing shows a surprisingly high level of effectiveness. One reason that this is the c...
Conference: 2017 IEEE International Conference on Software Quality Reliability and Security (QRS-C 2017) Abstract: Database driven web applications are some of the most widely developed systems today. In this paper, we demonstrate use of combinatorial testing for testing database supported web applications, especially where full-text search is provided or many combinations of search options are utilized. We deve...
Conference: 2017 IEEE International Conference on Software Quality Reliability and Security (QRS-C 2017) Abstract: Computer security has been a subject of serious study for at least 40 years, and a steady stream of innovations has improved our ability to protect networks and applications. But attackers have adapted and changed methods over the years as well. Where do we stand today in the battle between attacker...
Abstract: This bulletin summarizes the information in NIST SP 800-121, Revision 2: Guide to Bluetooth Security which provides information on the security capabilities of Bluetooth and provides recommendations to organizations employing Bluetooth wireless technologies on securing them effectively.
Abstract: The field of device-independent quantum cryptography has seen enormous success in the past several years, including security proofs for key distribution and random number generation that account for arbitrary imperfections in the devices used. Full security proofs in the field so far are long and te...
Abstract: Since the creation of the internet, the Border Gateway Protocol (BGP) has been the default routing protocol to route traffic among organizations (Internet Service Providers (ISPs) and Autonomous Systems (ASes)). While the BGP protocol performs adequately in identifying viable paths that reflect loca...
Abstract: We introduce SPHINCS-Simpira, which is a variant of the SPHINCS signature scheme with Simpira as a building block. SPHINCS was proposed by Bernstein et al. at EUROCRYPT 2015 as a hash-based signature scheme with post-quantum security. At ASIACRYPT 2016, Gueron and Mouha introduced the Simpira family...
Conference: 8th International Workshop on Post-Quantum Cryptography (PQCrypto 2017) Abstract: Multivariate Cryptography, as one of the main candidates for establishing post-quantum cryptosystems, provides strong, efficient and well-understood digital signature schemes such as UOV, Rainbow, and Gui. While Gui provides very short signatures, it is, for efficiency reasons, restricted to very sm...
Conference: 8th International Workshop on Post-Quantum Cryptography (PQCrypto 2017) Abstract: In the last few years multivariate public key cryptography has experienced an infusion of new ideas for encryption. Among these new strategies is the ABC Simple Matrix family of encryption schemes which utilize the structure of a large matrix algebra to construct effectively invertible systems of no...
Abstract: Access control systems are among the most critical of computer security components. Faulty policies, misconfigurations, or flaws in software implementations can result in serious vulnerabilities. To formally and precisely capture the security properties that access control should adhere to, access c...
Abstract: The Boyen-Li signature scheme [Asiacrypt'16] is a major theoretical breakthrough. Via a clever homomorphic evaluation of a pseudorandom function over their verification key, they achieve a reduction loss in security linear in the underlying security parameter and entirely independent of the number o...
Abstract: Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities. Ensuring the security of these products and services is of the utmost importance for the success of the organization. This publication introduces the information security pr...
Conference: 31st IFIP Conference on Data and Application Security and Privacy (DBSEC 2017) Abstract: Today’s cyber-attacks towards enterprise networks often undermine and even fail the mission assurance of victim networks. Mission cyber resilience (or active cyber defense) is critical to prevent or minimize negative consequences towards missions. Without effective mission impact assessment, mission...
Conference: IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC 2017) Abstract: The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network’s resilience against potentially unknown vulnerabilities. To this end, network hardening is a well-knowf...
Journal: Discrete Mathematics, Algorithms and Applications Abstract: For a positive integer k let S = {0, 1, . . . , k − 1} be the alphabet whose symbols are the integers from 0 to k − 1. The set of all strings of length n ∈ Z+ over S is denoted by S(n). We show a near optimal algorithm to solve the problem of counting the number of times that every string in S(n) o...
Abstract: This bulletin summarizes the information in NISTIR 8114: Report on Lightweight Cryptography which provides an overview of the lightweight cryptography project at NIST and describes plans for the standardization of lightweight cryptography algorithms.
Journal: Quantum Information & Computation Abstract: If two quantum players at a nonlocal game $G$ achieve a superclassical score, then their measurement outcomes must be at least partially random from the perspective of any third player. This is the basis for device-independent quantum cryptography. In this paper we ad...
Journal: Glasnik Matematicki Abstract: In this paper, we look at long geometric progressions on different models of elliptic curves, namely Weierstrass curves, Edwards and twisted Edwards curves, Huff curves and general quartics curves. By a geometric progression on an elliptic curve, we mean the existence of rational points on the curve...
Abstract: The NISTIR 8011 volumes focus on each individual information security capability, adding tangible detail to the more general overview given in NISTIR 8011 Volume 1, and providing a template for transition to a detailed, NIST standards-compliant automated assessment. This document, Volume 2 of NISTIR...
Abstract: This volume introduces concepts to support automated assessment of most of the security controls in NIST Special Publication (SP) 800-53. Referencing SP 800-53A, the controls are divided into more granular parts (determination statements) to be assessed. The parts of the control assessed by each det...
Conference: 11th Annual Conference on Digital Forensics, Security and Law (ADFSL) Abstract: In this paper, we present an approach and experimental results to suggest the past presence of an application after the application has been uninstalled and the system has remained in use. Current techniques rely on the recovery of intact artifacts and traces, e.g., whole files, Windows Registry ent...