Search Publications

Displaying 601 - 625 of 1521

Who Touched my Mission: Towards Probabilistic Mission Impact Assessment

October 12, 2015

Author(s)

Xiaoyan Sun, Anoop Singhal, Peng Liu

Cyber attacks inevitably generate impacts towards relevant missions. However, concrete methods to accurately evaluate such impacts are rare. In this paper, we propose a probabilistic approach based on Bayesian networks for quantitative mission impact

Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 09-03-2015]

October 1, 2015

Author(s)

Ronald S. Ross, Kelley L. Dempsey, Patrick Viscuso, Mark Riddle, Gary Guissanie

[Supersedes SP 800-171 (June 2015, updated 1/14/2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920191] The protection of Controlled Unclassified Information (CUI) while residing in nonfederal information systems and organizations is of

Spreading alerts quietly and the subgroup escape problem

October 1, 2015

Author(s)

J. Aspnes, Z. Diamadi, A. Yampolskiy, K. Gjosteen, Rene Peralta

We introduce a new cryptographic primitive called a blind coupon mechanism (BCM). In effect, a BCM is an authenticated bit commitment scheme, which is AND-homomorphic. We show that a BCM has natural and important applications. In particular, we use it to

Additional Secure Hash Algorithm Standards Offer New Opportunities for Data Protection

September 24, 2015

Author(s)

Morris J. Dworkin, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in FIPS 202. The publication specifies the Secure Hash Algorithm-3 (SHA-3) family of functions on binary data. Each of the SHA-3 functions is based on an instance of the KECCAK algorithm that NIST selected

Extending the Cybersecurity Digital Thread with XForms

September 22, 2015

Author(s)

Joshua Lubell

Multiplicative Complexity of Vector Value Boolean Functions

September 21, 2015

Author(s)

Magnus G. Find, Joan Boyar

We consider the multiplicative complexity of Boolean functions with multiple bits of output, studying how large a multiplicative complexity is necessary and sufficient to provide a desired nonlinearity. For so-called $\Sigma\Pi\Sigma$ circuits, we show

Predictive Models for Min-Entropy Estimation

September 13, 2015

Author(s)

John M. Kelsey, Kerry McKay, Meltem Sonmez Turan

Random numbers are essential for cryptography. In most real-world systems, these values come from a cryptographic pseudorandom number generator (PRNG), which in turn is seeded by an entropy source. The security of the entire cryptographic system then

Computer Security Division 2014 Annual Report

August 20, 2015

Author(s)

Patrick D. O'Reilly, Gregory A. Witte, Larry Feldman

Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry

Recommendation for Random Number Generation Using Deterministic Random Bit Generators

August 13, 2015

Author(s)

Elaine B. Barker, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-90A, Revision 1. The publication specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on either hash functions or block cipher

Constructive Relationships Between Algebraic Thickness and Normality

August 4, 2015

Author(s)

Joan Boyar, Magnus G. Find

We study the relationship between two measures of Boolean functions; "algebraic thickness" and "normality". For a function f, the algebraic thickness is a variant of the "sparsity", the number of nonzero coefficients in the unique F_2 polynomial

Secure Hash Standard

August 4, 2015

Author(s)

National Institute of Standards and Technology (NIST), Quynh Dang

This standard specifies hash algorithms that can be used to generate digests of messages. The digests are used to detect whether messages have been changed since the digests were generated. The Applicability Clause of this standard was revised to

SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions

August 4, 2015

Author(s)

National Institute of Standards and Technology (NIST), Morris J. Dworkin

This Standard specifies the Secure Hash Algorithm-3 (SHA-3) family of functions on binary data. Each of the SHA-3 functions is based on an instance of the KECCAK algorithm that NIST selected as the winner of the SHA-3 Cryptographic Hash Algorithm

The Authentication Equation: A Tool to Visualize the Convergence of Security and Usability of Text-Based Passwords

August 4, 2015

Author(s)

Cathryn A. Ploehn, Kristen Greene

Password management is the ubiquitous struggle of the modern human. Despite usability playing a vital role in authentication, many password policies and requirements focus on security without sufficient consideration of human factors. In fact, security and

Extending the Cybersecurity Digital Thread with XForms

August 3, 2015

Author(s)

Joshua Lubell

The digital thread for cybersecurity enables security technologies and data sources to interoperate. It consists of an integrated collection of languages, taxonomies, and metrics represented using the Extensible Markup Language (XML). A gap in the

Human Generated Passwords - the Impacts of Password Requirements and Presentation Styles

August 2, 2015

Author(s)

Paul Y. Lee, Yee-Yin Choong

The generation stage of the user password management lifecycle is arguably the most important yet perilous step. Fulfilling minimum length and character type requirements while attempting to create something memorable can become an arduous task, leaving

What 4,500+ people can tell you Employees' Attitudes toward Organizational Password Policy Do Matter

August 2, 2015

Author(s)

Yee-Yin Choong, Mary F. Theofanos

Organizations establish policies on how employees should generate, maintain, and use passwords to authenticate and gain access to the organizations information systems. This paper focuses on employees attitudes towards organizational password policies

Analysis of Network Segmentation Techniques in Cloud Data Centers

July 30, 2015

Author(s)

Ramaswamy Chandramouli

Cloud Data centers are predominantly made up of Virtualized hosts. The networking infrastructure in a cloud (virtualized) data center, therefore, consists of the combination of physical IP network (data center fabric) and the virtual network residing in

Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI)

July 30, 2015

Author(s)

Hildegard Ferraiolo, Ramaswamy Chandramouli, Nabil Ghadiali, Jason Mohler, Scott Shorter

The purpose of this Special Publication is to provide appropriate and useful guidelines for assessing the reliability of issuers of Personal Identity Verification (PIV) Cards and Derived PIV Credentials. These issuers store personal information and issue

Password policy languages: usable translation from the informal to the formal

July 21, 2015

Author(s)

Michelle P. Steves, Mary F. Theofanos, Celia Paulsen, Athos Ribeiro

Password policies documents which regulate how users must create, manage, and change their passwords can have complex and unforeseen consequences on organizational security. Since these policies regulate user behavior, users must be clear as to what is

PFLASH - Secure Asymmetric Signatures on Smart Cards

July 21, 2015

Author(s)

Ming-Shing Chen, Bo-Yin Yang, Daniel Smith-Tone

We present PFLASH, an asymmetric digital signature scheme appropriate for smart card use. We present parameters for several security levels in this low resource environment and bootstrap many technical properties (including side-channel resistance) exposed

Privacy and Security in the Brave New World: The Use of Multiple Mental Models

July 21, 2015

Author(s)

Susanne M. Furman, Mary F. Theofanos, Brian C. Stanton, Sandra S. Prettyman

We live in a world where the flow of electronic information and communication has become a ubiquitous part of our everyday life. While our lives are enhanced in many ways, we also experience a myriad of challenges especially to our priva-cy and security

Defensive Resource Allocations with Security Chokepoints in IPv6 Networks

July 15, 2015

Author(s)

Assane Gueye, Peter M. Mell, Richard Harang, Richard J. La

Securely configured Internet Protocol version 6 networks can be made resistant to network scanning, forcing attackers to propagate following existing benign communication paths. We exploit this attacker limitation in a defensive approach in which

Measuring Limits on the Ability of Colluding Countries to Partition the Internet

June 30, 2015

Author(s)

Peter M. Mell, Richard Harang, Assane Gueye

We show that the strength of Internet-based network interconnectivity of countries is increasing over time. We then evaluate bounds on the extent to which a group of colluding countries can disrupt this connectivity. We evaluate the degree to which a group

Recommendation for Random Number Generation Using Deterministic Random Bit Generators

June 24, 2015

Author(s)

Elaine B. Barker, John M. Kelsey

This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on either hash functions or block cipher algorithms. [Supersedes SP 800-90A (January 2012): http://www.nist.gov

New Second-Preimage Attacks on Hash Functions

June 23, 2015

Author(s)

Elena Andreeva, Charles Bouillaguet, Orr Dunkelman, Pierre-Alain Fouque, Jonathan J. Hoch, John M. Kelsey, Adi Shamir, Sebastien Zimmer

In this work, we present several new generic second-preimage attacks on hash functions. Our first attack is based on the herding attack and applies to various Merkle-Damgard-based iterative hash functions. Compared to the previously known long-message