
Displaying 26 - 50 of 120

Review of the Advanced Encryption Standard

July 23, 2021
Author(s)
Nicky Mouha, Morris Dworkin
The field of cryptography continues to advance at a very rapid pace, leading to new insights that may impact the security properties of cryptographic algorithms. The Crypto Publication Review Board ("the Board") has been established to identify

Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process

July 20, 2021
Author(s)
Meltem Sonmez Turan, Kerry McKay, Donghoon Chang, Cagdas Calik, Lawrence E. Bassham, Jinkeon Kang, John M. Kelsey
The National Institute of Standards and Technology (NIST) is in the process of selecting one or more authenticated encryption and hashing schemes suitable for constrained environments through a public, competition-like process. In February 2019, 57

On the Effect of Projection on Rank Attacks in Multivariate Cryptography

May 19, 2021
Author(s)
Morten Oygarden, Daniel Smith-Tone, Javier Verbel
The multivariate scheme HFEv- used to be considered a promising candidate for a post-quantum signature system. First suggested in the early 2000s, a version of the scheme made it to the third round of the ongoing NIST post-quantum standardization process

SoK: How (not) to Design and Implement Post-Quantum Cryptography

May 17, 2021
Author(s)
James Howe, Thomas Prest, Daniel Apon
Post-quantum cryptography has known a Cambrian Explosion in the last decade. What started as a very theoretical and mathematical area has now evolved into a sprawling research field, complete with side-channel resistant embedded implementations, large

New Practical Multivariate Signatures from a Nonlinear Modifier

April 1, 2021
Author(s)
Daniel Smith-Tone
Multivariate cryptography is dominated by schemes supporting various modifiers to patch certain algebraic weaknesses. Typically these modifiers are linear in nature, either requiring an extra composition with an affine map, or being evaluated by a

Improvements of Algebraic Attacks for solving the Rank Decoding and MinRank problems

December 6, 2020
Author(s)
Magali Bardet, Maxime Bros, Daniel Cabarcas, Philippe Gaborit, Ray Perlner, Daniel Smith-Tone, Jean-Pierre Tillich, Javier Verbel
In this paper, we show how to significantly improve algebraic techniques for solving the MinRank problem, which is ubiquitous in multivariate and rank metric code based cryptography. In the case of the structured MinRank instances arising in the latter, we

Observations on COMET

November 16, 2020
Author(s)
Daniel J. Bernstein, Henri Gilbert, Meltem Sonmez Turan
This note provides two observations on COMET, a second round candidate of the NIST lightweight cryptography standardization process. The first observation uses a long message to detect the use of weak keys, whereas the second observation focuses on the

Recommendation for Stateful Hash-Based Signature Schemes

October 29, 2020
Author(s)
David Cooper, Daniel Apon, Quynh H. Dang, Michael S. Davidson, Morris Dworkin, Carl Miller
This recommendation specifies two algorithms that can be used to generate a digital signature, both of which are stateful hash-based signature schemes: the Leighton-Micali Signature (LMS) system and the eXtended Merkle Signature Scheme (XMSS), along with

Cryptanalysis of LEDAcrypt

September 16, 2020
Author(s)
Daniel C. Apon, Ray A. Perlner, Angela Y. Robinson, Paulo Santini
We report on the concrete cryptanalysis of LEDAcrypt, a 2nd Round candidate in NIST's Post-Quantum Cryptography standardization process and one of 17 encryption schemes that remain as candidates for near-term standardization. LEDAcrypt consists of a

Boolean Functions with Multiplicative Complexity 3 and 4

July 18, 2020
Author(s)
Cagdas Calik, Meltem Sonmez Turan, Rene C. Peralta
Multiplicative complexity (MC) is defined as the minimum number of AND gates required to implement a function with a circuit over the basis (AND, XOR, NOT). Boolean functions with MC 1 and 2 have been characterized in Fischer and Peralta, and Find et al

NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives

July 7, 2020
Author(s)
Luis Brandao, Michael S. Davidson, Apostol T. Vassilev
This document constitutes a preparation toward devising criteria for the standardization of threshold schemes for cryptographic primitives by the National Institute of Standards and Technology (NIST). The large diversity of possible threshold schemes, as

Guide to IPsec VPNs

June 30, 2020
Author(s)
Elaine B. Barker, Quynh H. Dang, Sheila E. Frankel, Karen Scarfone, Paul Wouters
Internet Protocol Security (IPsec) is a widely used network layer security control for protecting communications. IPsec is a framework of open standards for ensuring private communications over Internet Protocol (IP) networks. IPsec configuration is

The Impossibility of Efficient Quantum Weak Coin-Flipping

June 22, 2020
Author(s)
Carl A. Miller
How can two parties with competing interests carry out a fair coin flip, using only a noiseless quantum channel? This problem (quantum weak coin-flipping) was formalized more than 15 years ago, and, despite some phenomenal theoretical progress, practical

Securing Web Transactions TLS Server Certificate Management

June 16, 2020
Author(s)
Murugiah P. Souppaya, William A. Haag Jr., Mehwish Akram, William C. Barker, Rob Clatterbuck, Brandon Everhart, Brian Johnson, Alexandros Kapasouris, Dung Lam, Brett Pleasant, Mary Raguso, Susan Symington, Paul Turner, Clint Wilson, Donna F. Dodson
Transport Layer Security (TLS) server certificates are critical to the security of both internet-facing and private web services. Despite the critical importance of these certificates, many organizations lack a formal TLS certificate management program

Rainbow Band Separation is Better than we Thought

June 10, 2020
Author(s)
Daniel Smith-Tone, Ray Perlner
Currently the National Institute of Standards and Technology (NIST) is engaged in a post-quantum standardization effort, analyzing numerous candidate schemes to provide security against the advancing threat of quantum computers. Among the candidates in

Recommendation for Cryptographic Key Generation

June 4, 2020
Author(s)
Elaine B. Barker, Allen L. Roginsky, Richard Davis
Cryptography is often used in an information technology security environment to protect data that is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptography

Notes on Interrogating Random Quantum Circuits

May 29, 2020
Author(s)
Luis Brandao, Rene C. Peralta
Consider a quantum circuit that, when fed a constant input, produces a fixed-length random bit-string in each execution. Executing it many times yields a sample of many bit-strings that contain fresh randomness inherent to the quantum evaluation. When the

Recommendation for Key Management: Part 1 - General

May 4, 2020
Author(s)
Elaine B. Barker
This Recommendation provides cryptographic key-management guidance. It consists of three parts. Part 1 (this document) provides general guidance and best practices for the management of cryptographic keying material, including definitions of the security

Combinatorial Rank Attacks Against the Rectangular Simple Matrix Encryption Scheme

April 10, 2020
Author(s)
Dustin Moody, Ray A. Perlner, Daniel C. Smith-Tone, Daniel C. Apon, Javier Verbel
In 2013, Tao et al. introduced the ABC Simple Matrix Scheme for Encryption, a multivariate public key encryption scheme. The scheme boasts great efficiency in encryption and decryption, though it suffers from very large public keys. It was quickly noted

Parallel Device-Independent Quantum Key Distribution

April 9, 2020
Author(s)
Rahul Jain, Carl Miller, Yaoyun Shi
A prominent application of quantum cryptography is the distribution of cryptographic keys that are provably secure. Such security proofs were extended by Vazirani and Vidick (Physical Review Letters, 113, 140501, 2014) to the device-independent (DI)