The Cryptographic Technology Group’s (CTG) work in the field of cryptography includes researching, analyzing and standardizing cryptographic technology, such as hash algorithms, symmetric and asymmetric cryptographic techniques, key management, authentication, and random number generation. The CTG’s goal is to identify and promote methods to protect communications and storage through cryptographic technologies, encouraging innovative development and helping technology users to manage risk.
In FY 2015, the CTG continued to collaborate with national and international government agencies, academic and research organizations, industry partners, and standards bodies to develop interoperable security standards and guidelines, and to make an impact in the field of cryptography. One example is the culmination of an eight-year standardization effort that led to the publication of Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, announced in the Federal Register on August 5, 2015.
The CTG’s cryptographic standards program focuses on cryptographic primitives, algorithms, and schemes; the developed standards and guidelines are specified in FIPSs, NIST Special Publications (SPs), and NIST Interagency or Internal Reports (NISTIRs). Such standards and guidelines have been considered or adopted by the information technology (IT) industry and standards development organizations, such as the International Organization for Standardization (ISO), the Internet Engineering Task Force (IETF), the Institute of Electrical and Electronics Engineers (IEEE), and the Trusted Computing Group (TCG), and have been implemented on a variety of platforms.
The CTG is committed to the development of its standards using an open and transparent process - conducting workshops and requesting input and comments from government agencies, private industry, academia and the global cryptographic community. The CTG also examines each of its standards to determine if they need to be revised, withdrawn or re-opened for public comment.
The CTG continues to develop expertise in several critical research areas, such as post-quantum cryptography (PQC), elliptic curve cryptography (ECC), privacy-enhancing cryptography, and lightweight cryptographic schemes for constrained environments. It has collaborated with many universities internationally and presented research results in major cryptography conferences and journals. In addition, it organized workshops on PQC, ECC standards, and lightweight cryptography to discuss research results and develop standardization roadmaps.
The CTG also published several guidelines on cryptographic applications, including key management, public key certificate policies, and trusted platforms. The CTG also participated in the cybersecurity projects of other CSD groups, such as the Personal Identity Verification (PIV) standards, the Federal Cloud Credential Exchange (FCCX), the Cryptographic Algorithm Validation Program (CAVP), and the Cryptographic Module Validation Program (CMVP).
Projects and Programs
100 Bureau Drive, M/S 8930
Gaithersburg, MD 20899-8930