U.S. Department of Homeland Security (DHS)
Youtube search... ...Google search
- Case Studies
- Capabilities
- Cybersecurity References
- Offense - Adversarial Threats/Attacks
- Cybersecurity Frameworks, Architectures & Roadmaps
- Cybersecurity Companies/Products
- Radial Basis Function Network (RBFN)
- Quantum Cryptographic Technology
- Time
- Federal Risk and Authorization Management Program (FedRAMP) | NIST
- Cybersecurity Framework | NIST
- Using the Cybersecurity Framework | DHS
- Cybersecurity Strategy .pdf | DHS
- Cybersecurity Framework - US-CERT | DHS
- Cybersecurity - Software Engineering Institute | Carnegie Mellon
- Pentagon Researchers Test 'Worst-Case Scenario' Attack on U.S. Power Grid | Defense Advanced Research Projects Agency - Nextgov
- Election Security | Nextgov
- AI Risk Management Framework (AI RMF 1.0 | NIST
- NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023
- NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook
Post-Quantum Cryptography (PQC)
- Quantum Cryptography
- [Offense - Adversarial Threats/Attacks#Side Channel Attack (SCA) | Side Channel Attack (SCA)]
- Migrating to Post-Quantum Cryptography | The White House
- Quantum apocalypse: Experts warn of ‘store now, decrypt later’ hacks | Leigh McGowran - Silicon Republic
- The impact of Quantum Computing on cybersecurity | Forta Tripwire
- Post Quantum Solutions
In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - Wikipedia
Quantum Apocalypse: Store Now, Decrypt Later (DNDL) ... stealing data now to decrypt it in future, as quantum computing could render modern encryption methods obsolete
NIST Standardization process for PQC
- Post-Quantum Cryptography (PQC) | NIST
- NIST winners and will ratify standards in 2024
- Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms:
- CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs
- Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures
- There are more algorithms under consideration too, so the process continues
National Security Agency (NSA) - Cybersecurity
- National Security Agency (NSA) - Cybersecurity Directorate
- Commercial National Security Algorithm (CNSA) Suite 2.0 ... Federal-wide guidance on Cryptography, including PQC
- PQC is default from 2025 in Software and Web Browsers
- PQC is default from 2026 in Networking
- PQC is default from 2027 in Operating Systems
- PQC is default from 2030 in Niche Systems
- PQC is default for all systems - including legacy systems - by 2033