Participation in MINEX III

1. Wrap your algorithm in the MINEX III API, and build it as a shared library.
2. Follow the instruction in validation.
3. Sign, date, and scan the evaluation agreement. Physically mail the signed agreement to NIST.
4. Upload the signed and encrypted output of validation, your public encryption key, and your signed evaluation agreement via the NIST MINEX submission form.

Agreement

Sign, minex [at] nist.gov (e-mail) or upload a scanned copy, and postal mail the original signed evaluation agreement to NIST. If provided, please include the delivery tracking numbers when e-mailing your scanned agreement. Both an e-mail scanned copy and physical hard copy are required.

Notes:

• Anonymous participation is not allowed.
• A new agreement must be received by NIST for each submission version after posting previous results.
• No results will be released until a physical agreement has been received.
• Your participation status may be made public anytime on or after receipt of a software library submission and a signed agreement.

Operating System

The required build system for MINEX III is currently CentOS Linux release 7.6.1810. NIST provides a mirror of the digital installation media for this operating system and a list of installed CentOS packages. Failure to build your software library on this operating system may result in delays and unexpected behavior. Use of a consistent operating system enables reproducible research.

CentOS-7-x86_64-Everything-1810.iso

• SHA256: 918975cdf947e858c9a0c77d6b90a9a56d9977f3a4496a56437f46f46200cf71

Validation & Tools

BiomDI - ISO/SC37 and INCITS/M1 Biometric Data Interchange Format Software

Homepage and nightly current source code snapshot, generated nightly.

Encryption

All attachments containing software libraries shall be signed and encrypted for the MINEX III Liaison, using the PGP key-pair whose public key fingerprint was printed on the MINEX III Agreement.

• NIST is not responsible for any consequences of transmitting unencrypted data.
• NIST will not run software libraries that have been transmitted unencrypted or not signed by the public key whose fingerprint was printed on the MINEX III Agreement.

The MINEX III Public Key Fingerprint is 448F 3828 719D B6B0 FDC5 3DE6 715B 6C72 062A 520A

Submitting

Once you have successfully run the validation package, a file will be generated that you must sign, encrypt, and submit to NIST, along with your public key. Instructions will be printed by the validation package. You may email or upload the file with the NIST MINEX submission form.

• Do not submit unsigned or unencrypted files.
• Do not submit files other than those generated by the validation package.
• Do not modify the files generated by the validation package. However, you are highly encouraged to review the generated files.
• Do not submit files if the validation package has alerted you of an error.

Testing

Testing will be conducted solely by Federal U.S. Government employees at NIST's Gaithersburg, MD location using NIST-owned computer hardware in a secure facility. Test hardware runs in an isolated environment with no access to the Internet.

Processes will be run in isolation.

• Software libraries that are not compliant with the MINEX III API Specification will not be tested.
• Software libraries that have not been built on the required operating system will not be tested.
• Software libraries that have not successfully passed the validation step will not be tested.

NIST maintains the right to refuse to run an algorithm if it:

• crashes,
• exhibits defects,
• leaks a non-trivial amount of memory,
• does not run within MINEX III test driver,
• interacts with the file system or console,
• attempts to circumvent the NIST test driver,
• or attempts to game the MINEX III test.

Other Notes

• An organization is limited to one submission every 90 days.
• All software must pass validation on NIST's hardware as well as the participant's hardware, without modifying the validation script.
• All software library submissions must be signed and encrypted using the public-key printed on the MINEX III agreement.
• MINEX III is a PIV compliance test, not a fingerprint software debugging or data training service. Please be sure to thoroughly examine your software for defects before submitting to NIST.