Search Publications

NIST Authors in Bold

Displaying 51 - 75 of 120

Extending NIST's CAVP Testing of Cryptographic Hash Function Implementations

February 14, 2020
Author(s)
Nicky W. Mouha, Christopher T. Celi
This paper describes a vulnerability in Apple's CoreCrypto library, which affects 11 out of the 12 implemented hash functions: every implemented hash function except MD2 (Message Digest 2), as well as several higher-level operations such as the Hash-based

TMPS: Ticket-Mediated Password Strengthening

February 14, 2020
Author(s)
John M. Kelsey, Dana Dachman-Soled, Meltem Sonmez Turan, Sweta Mishra
We introduce the notion of Ticket-Mediated Password Strengthening (TMPS), a technique for allowing users to derive keys from passwords while imposing a strict limit on the number of guesses of their password any attacker can make, and strongly protecting

A Nonlinear Multivariate Cryptosystem Based on a Random Linear Code

November 24, 2019
Author(s)
Daniel C. Smith-Tone, Cristina Tone
We introduce a new technique for building multivariate encryption schemes based on random linear codes. The construction is versatile, naturally admitting multiple modifications. Among these modifications is an interesting embedding modifier -- any

Searching for best Karatsuba recurrences

September 1, 2019
Author(s)
Cagdas Calik, Morris Dworkin, Nathan Dykas, Rene Peralta
Efficient circuits for multiplication of binary polynomials use what are known as Karatsuba recurrences. These methods divide the polynomials of size kn into k pieces of size n. Multiplication is performed by treating the factors as degree-(k-1)

Recommendation for Cryptographic Key Generation

July 23, 2019
Author(s)
Elaine B. Barker, Allen L. Roginsky
Cryptography is often used in an information technology security environment to protect data that is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptography

Practical Cryptanalysis of k-ary C*

July 18, 2019
Author(s)
Daniel C. Smith-Tone
Recently, an article by Felke appeared in Cryptography and Communications discussing the security of biquadratic $C^*$ and a further generalization, k-ary $C^*$. The article derives lower bounds for the complexity of an algebraic attack, directly inverting

Constant-Round Group Key Exchange from the Ring-LWE Assumption

July 14, 2019
Author(s)
Daniel C. Apon, Dana Dachman-Soled, Huijing Gong, Jonathan Katz
Group key-exchange protocols allow a set of N parties to agree on a shared, secret key by communicating over a public network. A number of solutions to this problem have been proposed over the years, mostly based on variants of Diffie-Hellman (two-party)

RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level

July 11, 2019
Author(s)
Miao (Tony) He, Jungmin Park, Adib Nahiyan, Apostol Vassilev, Yier Jin, Mark Tehranipoor
Power side-channel attacks (SCAs) have become a major concern to the security community due to their non-invasive feature, low-cost, and effectiveness in extracting secret information from hardware implementation of crypto algorithms. Therefore, it is

Electronics Supply Chain Integrity Enabled by Blockchain

June 1, 2019
Author(s)
Xiaolin Xu, Fahim Rahman, Bicky Shakya, Apostol Vassilev, Domenic Forte, Mark Tehranipoor
Electronic systems are ubiquitous today, playing an irreplaceable role in our personal lives as well as in critical infrastructures such as power grid, satellite communication, and public transportation. In the past few decades, the security of software

FIPS 140-3 Adopts ISO/IEC Standards

May 20, 2019
Author(s)
Kim B. Schaffer
This bulletin summarizes the information found in FIPS 140-3: Security Requirements for Cryptographic Modules which is applicable to all federal agencies that use cryptographic-based security systems to provide adequate information security for all agency

Post-Quantum Cryptography and 5G Security: Tutorial

May 15, 2019
Author(s)
T. Charles Clancy, Robert W. McGwier, Lidong Chen
The Fifth Generation (5G) mobile broadband standards make a fundamental shift in cryptography. Prior generations based their security and privacy principally on symmetric key cryptography. The Subscriber Identity Module (SIM) and its successors contain a

Time to Standardize Threshold Schemes for Cryptographic Primitives

April 10, 2019
Author(s)
Luis Brandao, Michael S. Davidson, Nicky W. Mouha, Apostol T. Vassilev
This bulletin summarizes the information found in NISTIR 8214: Threshold Schemes for Cryptographic Primitives. NIST is interested in promoting the security of implementations of cryptographic primitives. This security depends not only on the theoretical

Security Requirements for Cryptographic Modules

March 22, 2019
Author(s)
Michael J. Cooper, Kim B. Schaffer
The selective application of technological and related procedural safeguards is an important responsibility of every federal organization in providing adequate security in its computer and telecommunication systems. This standard is applicable to all

Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography

March 21, 2019
Author(s)
Elaine B. Barker, Lidong Chen, Allen L. Roginsky, Richard Davis, Scott Simon
This Recommendation specifies key-establishment schemes using integer factorization cryptography (in particular, RSA). Both key-agreement and key transport schemes are specified for pairs of entities, and methods for key confirmation are included to

Transitioning the Use of Cryptographic Algorithms and Key Lengths

March 21, 2019
Author(s)
Elaine B. Barker, Allen L. Roginsky
The National Institute of Standards and Technology (NIST) provides cryptographic key management guidance for defining and implementing appropriate key management procedures, using algorithms that adequately protect sensitive information, and planning ahead

Threshold Schemes for Cryptographic Primitives

March 1, 2019
Author(s)
Luis T. A. N. Brandao, Nicky W. Mouha, Apostol T. Vassilev
The Computer Security Division at the National Institute of Standards and Technology is interested in promoting the security of implementations of cryptographic primitives. This security depends not only on the theoretical properties of the primitives but

Extracting Linearization Equations from Noisy Sources

February 15, 2019
Author(s)
Daniel C. Smith-Tone
This note was originally written under the name "On the Security of HMFEv" and was submitted to PQCrypto 2018. The author was informed by the referees of his oversight of an eprint work of the same name by Hashimoto, see eprint article /2017/689/, that

Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process

January 31, 2019
Author(s)
Gorjan Alagic, Jacob M. Alperin-Sheriff, Daniel Apon, David Cooper, Quynh H. Dang, Carl Miller, Dustin Moody, Rene Peralta, Ray Perlner, Angela Robinson, Daniel Smith-Tone, Yi-Kai Liu
The National Institute of Standards and Technology is in the process of selecting one or more public-key cryptographic algorithms through a public competition-like process. The new public-key cryptography standards will specify one or more additional