Many U.S. Government Information Technology (IT) systems need to employ well-established cryptographic schemes to protect the integrity and confidentiality of the data that they process. Algorithms such as the Advanced Encryption Standard (AES) as defined in Federal Information Processing Standard (FIPS) 197, Triple DES as specified in NIST Special Publication (SP) 80067, and HMAC as defined in FIPS 198 make attractive choices for the provision of these services. These algorithms have been standardized to facilitate interoperability between systems. However, the use of these algorithms requires the establishment of shared secret keying material in advance. Trusted couriers may manually distribute this secret keying material. However, as the number of entities using a system grows, the work involved in the distribution of the secret keying material could grow rapidly. Therefore, it is essential to support the cryptographic algorithms used in modern U.S. Government applications with automated key establishment schemes.
2021-09-16 16:52:25
1.05MB
1
PyPQC-Python后量子密码学包装器
该项目为NIST量子后密码学提交提供了Python和命令行包装,请参阅: :
它可以使开发人员更容易地进行第1轮提交,并且应该允许您使用Python或其他语言非常快速地对其进行试验和原型设计,而无需编写C代码,创建共享对象或DLL或将自己锁定在一种特定算法中(例如,第二轮发生时)。
建造
所需的软件包:
openssl-devel或libssl-dev获取libcrypto.so
然后用:
make
例子
这两个类PQCKEM和PQCSign提供了pqc_cli可执行文件的接口。 您必须为其提供可执行文件的完整路径作为构造函数参数。 略微修改每个提交以构建自己的pqc_cli可执行文件。
如果该算法同时支持密钥交换和签名,则不能保证为一个生成的密钥对与另一个兼容。
密钥交换
为指定密钥对的所有者创建共享机密。 只有密钥对的秘密部分
2021-09-11 11:07:56
125KB
1
(P256/P384/P521/W25519/W448/Curve25519/Edwards448)
2021-08-31 18:00:19
1.39MB
1
《工业控制系统安全指南》
此文件提供建立安全的工业控制系统( ICS )的指导。这些 ICS 包括监控和 包括监控和 数据采集( 数据采集( SCADA )系统,分布式控制( )系统,分布式控制( )系统,分布式控制( )系统,分布式控制( )系统,分布式控制( DCS ),和其他控制系统 ),和其他控制系统 ),和其他控制系统 ),和其他控制系统 ,如在工业 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 的可编程逻辑控制器( 的可编程逻辑控制器( 的可编程逻辑控制器( PLC )。 ICS 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 浆和造纸、食品饮料以及离散制(如汽车航空天耐用)等行业。这 浆和造纸、食品饮料以及离散制(如汽车航空天耐用)等行业。这 浆和造纸、食品饮料以及离散制(如汽车航空天耐用)等行业。这 浆和造纸、食品饮料以及离散制(如汽车航空天耐用)等行业。这 浆和造纸、食品饮料以及离散制(如汽车航空天耐用)等行业。
2021-08-30 12:27:06
2.45MB
1
The use of cryptographic mechanisms is one of the strongest ways to provide security services for electronic applications and protocols and for data storage. The National Institute of Standards and Technology (NIST) publishes Federal Information Processing Standards (FIPS) and NIST Recommendations (which are published as Special Publications) that specify cryptographic techniques for protecting sensitive, unclassified information.
Since NIST published the Data Encryption Standard (DES) in 1977, the suite of approved standardized algorithms has been growing. New classes of algorithms have been added, such as secure hash functions and asymmetric key algorithms for digital signatures. The suite of algorithms now provides different levels of cryptographic strength through a variety of key sizes. The algorithms may be combined in many ways to support increasingly complex protocols and applications. This NIST Recommendation applies to U.S. government agencies using cryptography for the protection of their sensitive, unclassified information. This Recommendation may also be followed, on a voluntary basis, by other organizations that want to implement sound security principles in their computer systems.
The proper management of cryptographic keys is essential to the effective use of cryptography for security. Keys are analogous to the combination of a safe. If an adversary knows the combination, the strongest safe provides no security against penetration. Similarly, poor key management may easily compromise strong algorithms. Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of the mechanisms and protocols associated with the keys, and the protection afforded the keys. Cryptography can be rendered ineffective by the use of weak products, inappropriate algorithm pairing, poor physical security, and the use of weak protocols.
All keys need to be protected against unauthorized substitution and m
2021-08-25 22:15:37
1.28MB
1