NIST – WindowsTechs.com

Agencies push for digital transformation amid security challenges

Posted on November 13, 2024 by swhitehorne

Federal agencies are accelerating digital transformation efforts to meet public expectations and comply with mandates, but transitioning securely to platforms like Salesforce often requires specialized help, according to a new e-book.

The post Agencies push for digital transformation amid security challenges appeared first on CyberScoop.

Continue reading Agencies push for digital transformation amid security challenges→

White House to agencies: Don’t wait to test your post-quantum encryption

Posted on October 30, 2024 by djohnson

Federal agencies can spare themselves interoperability heartburn tomorrow by testing post-quantum encryption algorithms in live conditions today, official says.

The post White House to agencies: Don’t wait to test your post-quantum encryption appeared first on CyberScoop.

Continue reading White House to agencies: Don’t wait to test your post-quantum encryption→

What NIST’s post-quantum cryptography standards mean for data security

Posted on October 22, 2024 by Hannah Chong

Data security is the cornerstone of every business operation. Today, the security of sensitive data and communication depends on traditional cryptography methods, such as the RSA algorithm. While such algorithms secure against today’s threats, organizations must continue to look forward and begin to prepare against upcoming risk factors. The National Institute of Standards and Technology […]

The post What NIST’s post-quantum cryptography standards mean for data security appeared first on Security Intelligence.

Continue reading What NIST’s post-quantum cryptography standards mean for data security→

What NIST’s post-quantum cryptography standards mean for data security

Posted on October 22, 2024 by Hannah Chong

The post What NIST’s post-quantum cryptography standards mean for data security appeared first on Security Intelligence.

Continue reading What NIST’s post-quantum cryptography standards mean for data security→

Why is "not storing data protection keys" not a popular choice?

Posted on October 4, 2024 by GuteShel

In the NIST SP 800-132, they specified two ways to use the data protection key (DPK) that is derived from a password. One of them is to use the DPK to encrypt data, and then, if I am not mistaken, destroying the DPK. To verify whether an… Continue reading Why is "not storing data protection keys" not a popular choice?→

NIST Recommends Some Common-Sense Password Rules

Posted on September 27, 2024 by Bruce Schneier

NIST’s second draft of its “SP 800-63-4“—its digital identify guidelines—finally contains some really good rules about passwords:

The following requirements apply to passwords:

lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.

Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.

Verifiers and CSPs SHOULD accept all printing ASCII [RFC20] characters and the space character in passwords.

Verifiers and CSPs SHOULD accept Unicode [ISO/ISC 10646] characters in passwords. Each Unicode code point SHALL be counted as a signgle character when evaluating password length.
…

Continue reading NIST Recommends Some Common-Sense Password Rules→

House panel moves bill that adds AI systems to National Vulnerability Database

Posted on September 25, 2024 by djohnson

The AI Incident Reporting and Security Enhancement Act would put NIST in charge of setting up a vulnerability reporting process for AI systems.

The post House panel moves bill that adds AI systems to National Vulnerability Database appeared first on CyberScoop.

Continue reading House panel moves bill that adds AI systems to National Vulnerability Database→

World-first nuclear clock prototype could outperform atomic clocks

Posted on September 5, 2024 by Michael Irving

Atomic clocks are the most accurate timekeepers we have, losing only seconds across billions of years. But apparently that’s not accurate enough – nuclear clocks could steal their thunder, speeding up GPS and the internet, among other things. Now, scie… Continue reading World-first nuclear clock prototype could outperform atomic clocks→

Security Experts Welcome NIST’s New Encryption Standards For Quantum Computers

Posted on August 16, 2024 by Esther Shein

Although quantum computing is not yet widespread, current encryption methods pose a significant risk of cyberattacks, the agency said. Continue reading Security Experts Welcome NIST’s New Encryption Standards For Quantum Computers→

NIST Releases First Post-Quantum Encryption Algorithms

Posted on August 15, 2024 by Bruce Schneier

From the Federal Register:

After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+.

These algorithms are part of three NIST standards that have been finalized:

FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard
FIPS 204: Module-Lattice-Based Digital Signature Standard
FIPS 205: Stateless Hash-Based Digital Signature Standard…

Continue reading NIST Releases First Post-Quantum Encryption Algorithms→