Difference between revisions of "National Institute of Standards and Technology (NIST)"

From
Jump to: navigation, search
m (AI Assurance Program)
m (Risk Management)
Line 31: Line 31:
  
 
= Risk Management =
 
= Risk Management =
** [[Risk, Compliance and Regulation]]
+
* [[Risk, Compliance and Regulation]]
*** [[Cybersecurity]]
+
** [[Cybersecurity]]
 
* [[Capabilities]]
 
* [[Capabilities]]
 
* [[Cybersecurity References]]
 
* [[Cybersecurity References]]

Revision as of 12:24, 12 June 2023

YouTube ... Quora ...Google search ...Google News ...Bing News

Artificial Intelligence (AI)

AI Assurance Program

Microsoft's program will help customers ensure that the AI applications they deploy on Microsoft’s platforms comply with legal and regulatory requirements for responsible AI. It will include elements such as regulator engagement support, implementation of the AI Risk Management Framework published by the U.S. National Institute of Standards and Technology (NIST), customer councils for feedback, and regulatory advocacy.

Risk Management

Post-Quantum Cryptography (PQC)

In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - Wikipedia



Quantum Apocalypse: Store Now, Decrypt Later (DNDL) ... stealing data now to decrypt it in future, as quantum computing could render modern encryption methods obsolete



NIST Standardization process for PQC

  • Post-Quantum Cryptography (PQC) | NIST
  • National Security Agency (NSA)
  • NIST winners and will ratify standards in 2024
  • Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms:
    • CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs
    • Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures
  • There are more algorithms under consideration too, so the process continues