Difference between revisions of "National Institute of Standards and Technology (NIST)"
m |
m |
||
| Line 38: | Line 38: | ||
* [https://airc.nist.gov/Home NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook] | * [https://airc.nist.gov/Home NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook] | ||
| + | * [https://www.fedramp.gov/nist-publications/ Federal Risk and Authorization Management Program (FedRAMP) | NIST] | ||
| + | * [https://www.nist.gov/cyberframework Cybersecurity Framework | NIST] | ||
| + | * [https://www.dhs.gov/using-cybersecurity-framework Using the Cybersecurity Framework | DHS] | ||
| + | * [https://www.dhs.gov/sites/default/files/publications/DHS-Cybersecurity-Strategy_1.pdf Cybersecurity Strategy .pdf | DHS] | ||
| + | * [https://www.us-cert.gov/ccubedvp/cybersecurity-framework Cybersecurity Framework - US-CERT | DHS] | ||
| + | * [https://www.sei.cmu.edu/research-capabilities/cybersecurity/index.cfm Cybersecurity - Software Engineering Institute | Carnegie Mellon] | ||
| + | * [https://www.nextgov.com/cybersecurity/2018/11/pentagon-researchers-test-worst-case-scenario-attack-us-power-grid/152803/ Pentagon Researchers Test 'Worst-Case Scenario' Attack on U.S. Power Grid | Defense Advanced Research Projects Agency - Nextgov] | ||
| + | * [https://www.nextgov.com/topic/election-security Election Security | Nextgov] | ||
| + | * [https://www.nist.gov/itl/ai-risk-management-framework AI Risk Management Framework (AI RMF 1.0 | NIST] | ||
| + | * [https://www.nist.gov/news-events/news/2023/02/nist-selects-lightweight-cryptography-algorithms-protect-small-devices NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST] ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called <b>Ascon</b>, will be published as NIST’s lightweight cryptography standard later in 2023 | ||
| + | * [https://airc.nist.gov/Home NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook] | ||
| + | * U.S. Department of Homeland Security [https://www.dhs.gov/sites/default/files/publications/Artificial%20Intelligence%20Whitepaper%202017_508%20FINAL_2.pdf Artificial Intelligence White Paper | Science and Technology Advisory Committee (HSSTAC): Quadrennial Homeland Security Review Subcommittee], 10 Mar 2017 | ||
| + | * U.S. Department of Homeland Security [https://info.publicintelligence.net/OCIA-ArtificialIntelligence.pdf Narrative Analysis: Artificial Intelligence | National Protection and Programs Directorate - Office of Cyber and Infrastructure Analysis], July 2017 | ||
| + | * [https://emerj.com/ai-sector-overviews/artificial-intelligence-homeland-security/ AI at the US Department of Homeland Security – Current Projects | Millicent Abadicio - Emerj], April 16, 2019 | ||
| + | * [[Lie Detection]] | ||
| + | ** [https://governmentciomedia.com/ai-lie-detectors-could-soon-police-borders AI Lie Detectors Could Soon Police the Borders | Kevin McCaney - governmentCIO], December 18, 2018 | ||
| + | * [https://www.governmentciomedia.com/homeland-securitys-new-approach-cyber-risk-management Homeland Security's New Approach to Cyber Risk Management | Amanda Ziadeh - governmentCIO], June 15, 2018 | ||
| + | * [https://www.governmentciomedia.com/homeland-securitys-ai-journey-starts-trusting-its-data Homeland Security's AI Journey Starts with Trusting its Data | Amanda Ziadeh - governmentCIO], June 27, 2018 | ||
| + | * [https://www.vox.com/recode/2019/5/16/18511583/smart-border-wall-drones-sensors-ai The “smarter” wall: how drones, sensors, and AI are patrolling the border | Shirin Ghaffary - Vox] | ||
| + | ** [[Autonomous Drones]] | ||
| + | * [https://www.dhs.gov/science-and-technology/news/2019/10/09/news-release-dhs-st-awards-colorado-start-147k DHS S&T Awards Colorado Start-up $147K for Intelligent Counting and Measuring Platform] [https://kickview.com/ KickView] kvSonata will perform real-time analysis of queue lengths and wait times in the international customs processing areas of airports. | ||
| + | * [[Enterprise Architecture (EA)#Tailoring|Tailoring]] Enterprise Architecture at DHS U.S. CIS | ||
| + | * [[Time#Positioning, Navigation and Timing (PNT)|Positioning, Navigation and Timing (PNT)]] | ||
| + | ** [https://www.dhs.gov/science-and-technology/pnt-program Science and Technology (S&T) Positioning, Navigation, and Timing (PNT) Program] | ||
| + | *** [https://www.dhs.gov/publication/st-resilient-pnt-conformance-framework Science and Technology (S&T) Resilient Positioning, Navigation, and Timing (PNT) Conformance Framework] | ||
<youtube>te1drIJAUy0</youtube> | <youtube>te1drIJAUy0</youtube> | ||
<youtube>cvcKRp-E-8o</youtube> | <youtube>cvcKRp-E-8o</youtube> | ||
| + | <youtube>7ECjQOX2cTw</youtube> | ||
| + | <youtube>f6Hp5SQFOXw</youtube> | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | {|<!-- T --> | ||
| + | | valign="top" | | ||
| + | {| class="wikitable" style="width: 550px;" | ||
| + | || | ||
| + | <youtube>C1K4uX42TQk</youtube> | ||
| + | <b>Teaser for AUDREY Hastings Experiment | ||
| + | </b><br>Assistant for Understanding Data through Reasoning, Extraction, and Synthesis (AUDREY) The sheer volume of data from next-generation communication tools and sensors risks overwhelming or distracting first responders from their critical activities. As a result, first responders may make the wrong decisions, not because they lack relevant data, but because they are unable to quickly extract key insight from this flood of information. Information overload creates obstacles for first responders to perform their duties safely and efficiently. To learn more about AUDREY, visit: https://go.usa.gov/xPPBU | ||
| + | |} | ||
| + | |<!-- M --> | ||
| + | | valign="top" | | ||
| + | {| class="wikitable" style="width: 550px;" | ||
| + | || | ||
| + | <youtube>ZsOnNhDCDd4</youtube> | ||
| + | <b>Local company uses technology to stop bad drones | ||
| + | </b><br>A local company is using technology to stop drones used by cartels. | ||
| + | |} | ||
| + | |}<!-- B --> | ||
| + | |||
| + | = <span id="Post-Quantum Cryptography (PQC)"></span>Post-Quantum Cryptography (PQC) = | ||
| + | * [[Quantum#Cryptography | Quantum Cryptography]] | ||
| + | * [[Offense - Adversarial Threats/Attacks#Side Channel Attack (SCA) | Side Channel Attack (SCA)]] | ||
| + | * [https://www.whitehouse.gov/wp-content/uploads/2022/11/M-23-02-M-Memo-on-Migrating-to-Post-Quantum-Cryptography.pdf Migrating to Post-Quantum Cryptography | The White House] | ||
| + | * [https://www.siliconrepublic.com/enterprise/quantum-apocalypse-store-now-decrypt-later-encryption Quantum apocalypse: Experts warn of ‘store now, decrypt later’ hacks | Leigh McGowran - Silicon Republic] | ||
| + | * [https://www.tripwire.com/state-of-security/impact-quantum-computing-cybersecurity The impact of Quantum Computing on cybersecurity | Forta Tripwire] | ||
| + | * Post Quantum Solutions | ||
| + | ** [https://pqshield.com/ PQShield] | ||
| + | ** [https://blinkly.com Blinky] | ||
| + | ** [https://www.entrust.com/resources/certificate-solutions/learn/post-quantum-cryptography Entrust] | ||
| + | ** [https://www.qusecure.com QuSecure] | ||
| + | ** [https://www.idquantique.com/quantum-safe-security/xg-series-qkd ID Quantique] | ||
| + | |||
| + | In cryptography, <b>post-quantum cryptography (PQC)</b> (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - [https://en.wikipedia.org/wiki/Post-quantum_cryptography Wikipedia] | ||
| + | |||
| + | |||
| + | <hr><center> | ||
| + | |||
| + | Quantum Apocalypse: <i>Store Now, Decrypt Later (DNDL)</i> ... stealing data now to decrypt it in future, as quantum computing could render modern encryption methods obsolete | ||
| + | |||
| + | </center><hr> | ||
| + | |||
| + | |||
| + | <youtube>XYHmk2tpq1M</youtube> | ||
| + | <youtube>6qD-T1gjtKw</youtube> | ||
| + | <youtube>taZfUOpUc6E</youtube> | ||
| + | <youtube>-UrdExQW0cs</youtube> | ||
| + | |||
| + | == <span id="NIST Standardization process for PQC"></span>NIST Standardization process for PQC == | ||
| + | * [https://csrc.nist.gov/projects/post-quantum-cryptography Post-Quantum Cryptography (PQC) | NIST] | ||
| + | * [[Government Services#National Security Agency (NSA)|National Security Agency (NSA)]] | ||
| + | * NIST winners and will ratify standards in 2024 | ||
| + | * Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms: | ||
| + | ** CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs | ||
| + | ** Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures | ||
| + | * There are more algorithms under consideration too, so the process continues | ||
| + | |||
| + | |||
| + | <youtube>s-74kyjIHDU</youtube> | ||
| + | <youtube>uE_Y1C4QPU8</youtube> | ||
| + | <youtube>XEs5o4AmWgs</youtube> | ||
| + | <youtube>j7BTjOE_jtE</youtube> | ||
Revision as of 05:25, 5 May 2023
YouTube ... Quora ...Google search ...Google News ...Bing News
- Government Services
- Case Studies
- Capabilities
- Cybersecurity References
- Offense - Adversarial Threats/Attacks
- Cybersecurity Frameworks, Architectures & Roadmaps
- Cybersecurity Companies/Products
- Radial Basis Function Network (RBFN)
- Quantum Cryptographic Technology
- Time
- Federal Risk and Authorization Management Program (FedRAMP) | NIST
- Cybersecurity Framework | NIST
- Using the Cybersecurity Framework | DHS
- Cybersecurity Strategy .pdf | DHS
- Cybersecurity Framework - US-CERT | DHS
- Cybersecurity - Software Engineering Institute | Carnegie Mellon
- Pentagon Researchers Test 'Worst-Case Scenario' Attack on U.S. Power Grid | Defense Advanced Research Projects Agency - Nextgov
- Election Security | Nextgov
- AI Risk Management Framework (AI RMF 1.0 | NIST
- NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023
- NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook
- Federal Risk and Authorization Management Program (FedRAMP) | NIST
- Cybersecurity Framework | NIST
- Using the Cybersecurity Framework | DHS
- Cybersecurity Strategy .pdf | DHS
- Cybersecurity Framework - US-CERT | DHS
- Cybersecurity - Software Engineering Institute | Carnegie Mellon
- Pentagon Researchers Test 'Worst-Case Scenario' Attack on U.S. Power Grid | Defense Advanced Research Projects Agency - Nextgov
- Election Security | Nextgov
- AI Risk Management Framework (AI RMF 1.0 | NIST
- NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023
- NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook
- U.S. Department of Homeland Security Artificial Intelligence White Paper | Science and Technology Advisory Committee (HSSTAC): Quadrennial Homeland Security Review Subcommittee, 10 Mar 2017
- U.S. Department of Homeland Security Narrative Analysis: Artificial Intelligence | National Protection and Programs Directorate - Office of Cyber and Infrastructure Analysis, July 2017
- AI at the US Department of Homeland Security – Current Projects | Millicent Abadicio - Emerj, April 16, 2019
- Lie Detection
- Homeland Security's New Approach to Cyber Risk Management | Amanda Ziadeh - governmentCIO, June 15, 2018
- Homeland Security's AI Journey Starts with Trusting its Data | Amanda Ziadeh - governmentCIO, June 27, 2018
- The “smarter” wall: how drones, sensors, and AI are patrolling the border | Shirin Ghaffary - Vox
- DHS S&T Awards Colorado Start-up $147K for Intelligent Counting and Measuring Platform KickView kvSonata will perform real-time analysis of queue lengths and wait times in the international customs processing areas of airports.
- Tailoring Enterprise Architecture at DHS U.S. CIS
- Positioning, Navigation and Timing (PNT)
|
|
Post-Quantum Cryptography (PQC)
- Quantum Cryptography
- Side Channel Attack (SCA)
- Migrating to Post-Quantum Cryptography | The White House
- Quantum apocalypse: Experts warn of ‘store now, decrypt later’ hacks | Leigh McGowran - Silicon Republic
- The impact of Quantum Computing on cybersecurity | Forta Tripwire
- Post Quantum Solutions
In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - Wikipedia
Quantum Apocalypse: Store Now, Decrypt Later (DNDL) ... stealing data now to decrypt it in future, as quantum computing could render modern encryption methods obsolete
NIST Standardization process for PQC
- Post-Quantum Cryptography (PQC) | NIST
- National Security Agency (NSA)
- NIST winners and will ratify standards in 2024
- Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms:
- CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs
- Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures
- There are more algorithms under consideration too, so the process continues
