We investigate the trade-off between utility and path diversity in a model of congestion control where there can be multiple routes between two locations in a network. The model contains a random route allocation scheme for each source s (user or TCP
This bulletin summarizes the information that was presented in NIST Interagency Report (NISTIR) 7564, Directions in Security Metrics Research, by Wayne Jansen. The publication examines past efforts to develop security measurements that could help
This document approves the XTS-AES mode of the AES algorithm by reference to IEEE Std 1619-2007, subject to one additional requirement, as an option for protecting the confidentiality of data on storage devices. The mode does not provide authentication of
Elaine B. Barker, Dennis K. Branstad, Santosh Chokhani, Miles E. Smid
On June 8 and 9, 2009, NIST held a Cryptographic Key Management (CKM) Workshop at its Gaithersburg, Maryland, campus that attracted approximately 80 people attending the workshop in person, with another 75 participating through video conferencing, and an
Tanya L. Brewer, Annie W. Sokol, Sheldon A. Durrant
Privilege management is large and complex, often the source of heated debate and opinion, and fraught with widely-understood, yet ill-defined terminology and concepts. The National Institute of Standards and Technology (NIST) and the National Security
This article reviews risks and vulnerabilities in interdomain routing, and best practices that can have near-term benefits for routing security. It includes examples of routing failures and common attacks on routers, and countermeasures to reduce router
This bulletin summarizes the information that was published in NIST Interagency Report (NISTIR) 7621, Small Business Information Security: The Fundamentals, by Richard Kissel. The publication presents three major areas that small businesses should address
Stephen D. Quinn, David A. Waltermire, Christopher S. Johnson, Karen A. Scarfone, John F. Banghart
This document defines the technical specification for Version 1.0 of the Security Content Automation Protocol (SCAP). SCAP consists of a suite of specifications for standardizing the format and nomenclature by which security software communicates
Elena Andreeva, Charles Bouillaguet, Orr Dunkelman, John M. Kelsey
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each
This study compared random and t-way combinatorial inputs of a network simulator, to determine if these two approaches produce significantly different deadlock detection for varying network configurations. Modeling deadlock detection is important for
The Common Vulnerability Scoring System (CVSS) is a specification that is used to measure the relative severity of software vulnerabilities. CVSS version 2, which was finalized in June 2007, was designed to address several deficiencies discovered during
This report concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools. It describes an application and data set developed to populate
This paper describes some practical administrative issues and challenges in the deployment of DNSSEC - an IETF specified suite of security measures for securing the Domain Name System (DNS). The issues covered include: (a) Choice of Cryptographic
[Superseded by NISTIR 7621 Rev. 1 (November 2016): https://www.nist.gov/node/1111801 ] For some small businesses, the security of their information, systems, and networks might not be a high priority, but for their customers, employees, and trading
This report contains a list of selected acronyms and abbreviations for system and network security terms with their generally accepted or preferred definitions. It is intended as a resource for Federal agencies and other users of system and network
Firewalls are devices or programs that control the flow of network traffic between networks or hosts employing differing security postures. This publication provides an overview of several types of firewall technologies and discusses their security
This paper provides definitions for some desirable properties of voting systems, including auditability, ballot secrecy, incoercibility, usability and accessibility. In the context of these desirable properties, it defines the class of end-to-end
Establishing the time when a digital signature was generated is often a critical consideration. A signed message that includes the (purported) signing time provides no assurance that the private key was used to sign the message at that time unless the
Andrew R. Regenscheid, Ray A. Perlner, Shu-jen H. Chang, John M. Kelsey, Mridul Nandi, Souradyuti Paul
The National Institute of Standards and Technology is in the process of selecting a new cryptographic hash algorithm through a public competition. The new hash algorithm will be referred to as SHA-3 and will complement the SHA-2 hash algorithms currently
This Recommendation specifies security requirements for authentication methods with key establishment supported by the Extensible Authentication Protocol (EAP) defined in IETF RFC 3748 for wireless access authentications to federal networks.
Hildegard Ferraiolo, Teresa T. Schwarzhoff, William I. MacGregor, Hung Dang, Ketan Mehta
This document describes the use of ISO/IEC 24727 in enabling client-applications to access identity credentials issued by different credential issuers.