Applied Cryptography
Cryptography uses mathematical functions to transform data and prevent it from being read or tampered with by unauthorized parties. Nearly every computing and communications device uses cryptographic technologies to protect the confidentiality and integrity of information that is communicated or stored. However, the protection provided by cryptography is only as strong as its weakest link. Any shortcomings in algorithm selection and implementation, or in implementation testing, integration, and operation can be detrimental to achieving the expected security outcomes.
NIST’s NCCoE Applied Cryptography program is bridging the gap between development of fundamental cryptographic algorithms and their use in commercial off-the-shelf technology.
Security Guidance
-
Migration to Post-Quantum Cryptography
Brings awareness to the issues involved in migrating to post-quantum algorithms and develops practices to ease migration from current public-key algorithms to replacement algorithms that are resistant to quantum computer-based attacksReviewing Comments -
Addressing Visibility Challenges with TLS 1.3 within the Enterprise
Addresses challenges to compliance, operations, and security with modern encrypted protocols, and TLS 1.3 in particularReviewing Comments -
Automation of the NIST Cryptographic Module Validation Program
Demonstrates the value and practicality of automation to improve the efficiency and timeliness of Cryptographic Module Validation Program (CMVP) operation and processesSoliciting Comments -
TLS Server Certificate Management
Proposes a solution that efficiently and effectively provisions and manages TLS server certificates during normal operations and disaster recovery in a typical enterprise environmentFinalized Guidance
Supporting Workshop Materials and Webcasts
-
Automation of the NIST Cryptographic Module Validation Program (CMVP)
The number of cryptographic module validations has outstripped the available human resources for timely validation processing. The purpose of the workshop was to discuss the challenges and proposed approaches associated with automating the CMVP. -
Challenges with Compliance, Operations, and Security with TLS 1.3
This workshop identified various approaches and practices to meet common compliance, operations, and security challenges with modern encrypted protocols. The findings from this workshop will inform the development of a potential NCCoE project. -
Considerations in Migrating to Post-Quantum Cryptographic Algorithms
This workshop discussed and investigated the practical and implementable approaches to ease the migration from the current set of public key cryptographic algorithms to replacement algorithms that are resistant to quantum computer based attacks. -
Trusted IoT Device Network-Layer Onboarding and Lifecycle Management
NIST invited industry subject matter experts and practitioners to present their views on challenges to implementation, operations, and security matters associated with trusted IoT device network-layer onboarding.