Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo
Bookmark and Share

Cryptographic Technology Group


The Cryptographic Technology Group’s (CTG) work in the field of cryptography includes researching, analyzing and standardizing cryptographic technology, such as hash algorithms, symmetric and asymmetric cryptographic techniques, key management, authentication, and random number generation. The CTG’s goal is to identify and promote methods to protect communications and storage through cryptographic technologies, encouraging innovative development and helping technology users to manage risk.

In FY 2015, the CTG continued to collaborate with national and international government agencies, academic and research organizations, industry partners, and standards bodies to develop interoperable security standards and guidelines, and to make an impact in the field of cryptography. One example is the culmination of an eight-year standardization effort that led to the publication of Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, announced in the Federal Register on August 5, 2015.

The CTG’s cryptographic standards program focuses on cryptographic primitives, algorithms, and schemes; the developed standards and guidelines are specified in FIPSs, NIST Special Publications (SPs), and NIST Interagency or Internal Reports (NISTIRs). Such standards and guidelines have been considered or adopted by the information technology (IT) industry and standards development organizations, such as the International Organization for Standardization (ISO), the Internet Engineering Task Force (IETF), the Institute of Electrical and Electronics Engineers (IEEE), and the Trusted Computing Group (TCG), and have been implemented on a variety of platforms.

The CTG is committed to the development of its standards using an open and transparent process - conducting workshops and requesting input and comments from government agencies, private industry, academia and the global cryptographic community. The CTG also examines each of its standards to determine if they need to be revised, withdrawn or re-opened for public comment.

The CTG continues to develop expertise in several critical research areas, such as post-quantum cryptography (PQC), elliptic curve cryptography (ECC), privacy-enhancing cryptography, and lightweight cryptographic schemes for constrained environments. It has collaborated with many universities internationally and presented research results in major cryptography conferences and journals. In addition, it organized workshops on PQC, ECC standards, and lightweight cryptography to discuss research results and develop standardization roadmaps.

The CTG also published several guidelines on cryptographic applications, including key management, public key certificate policies, and trusted platforms. The CTG also participated in the cybersecurity projects of other CSD groups, such as the Personal Identity Verification (PIV) standards, the Federal Cloud Credential Exchange (FCCX), the Cryptographic Algorithm Validation Program (CAVP), and the Cryptographic Module Validation Program (CMVP).


Lightweight Cryptography Project—NIST is investigating the need for lightweight cryptographic algorithms. This includes looking at applications that may require lightweight algorithms as well as defining possible use cases.

Cryptographic Standards Development Process Review—Recent news reports about leaked classified documents have caused concern from the cryptographic community about the security of NIST cryptographic standards and guidelines. NIST is also deeply …

NIST Randomness Beacon—NIST is implementing a source of public randomness. The service (at https://beacon.nist.gov/home) uses two independent commercially available sources of randomness, each with an independent …

E-Authentication—[Posted April 9, 2015 -- NIST Solicits Comments on its Electronic Authentication Guideline - Read More]Electronic Authentication is the process of establishing confidence in user identities that …

Cryptographic Hash Algorithm Competition—NIST opened a public competition on November 2, 2007 to develop a new cryptographic hash algorithm, which converts a variable length message into a short "message digest" that can be used for …

Security Aspects of Electronic Voting—The Help America Vote Act (HAVA) of 2002 was passed by Congress to encourage the upgrade of voting equipment across the United States. HAVA established the Election Assistance Commission (EAC) and …

Cryptographic Applications and Infrastructures—Application developers depend upon security protocols to establish security services (e.g., to establish a secure tunnel) using cryptography. In turn, these protocols rely on cryptographic …

Cryptographic Toolkit—The Computer Security Division's (CSD) Cryptographic Technology Group (CTG) is involved in the development, maintenance, and promotion of a number of standards and guidance that cover a wide range …


General Information:
Lily Chen
Phone: 301-975-6974
Fax: 301-975-8670

100 Bureau Drive, M/S 8930
Gaithersburg, MD 20899-8930