DOCSLIB.ORG

Guideline for Implementing Cryptography in the Federal Government

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-21 Title: Guideline for Implementing Cryptography in the Federal Government Publication Date(s): November 1999 Withdrawal Date: December 2005 Withdrawal Note: SP 800-21 is superseded in its entirety by the publication of SP 800-21 2nd edition (December 2005). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-21 2nd edition Title: Guideline for Implementing Cryptography in the Federal Government Author(s): Elaine B. Barker, William C. Barker, Annabelle Lee Publication Date(s): December 2005 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.800-21e2 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-21 2nd edition (as of June 19, 2015) attached publication: Related information: http://csrc.nist.gov/projects/crypto.html Withdrawal N/A announcement (link): Date updated: June Ϯϯ, 2015 NIST Special Publication 800-21 Guideline for Implementing U.S. DEPARTMENT OF Cryptography in the COMMERCE Federal Government Technology Administration National Institute of Standards and Technology NATL INST. OF STAND & JECH Annabelle Lee WIST AlllDb MDHSD3 PUBL/CAT/ONS COMPUTER SECURITY QC Nisr 100 U57 .800-21 [999 fhe National Institute of Standards and Technology was established in 1988 by Congress to "assist industry in the development of technology . needed to improve product quality, to modernize manufacturing processes, to ensure product reliability . and to facilitate rapid commercialization ... of products based on new scientific discoveries." NIST, originally founded as the National Bureau of Standards in 1901, works to strengthen U.S. industry's competitiveness; advance science and engineering; and improve public health, safety, and the environment. One of the agency's basic functions is to develop, maintain, and retain custody of the national standards of measurement, and provide the means and methods for comparing standards used in science, engineering, manufacturing, commerce, industry, and education with the standards adopted or recognized by the Federal Government. As an agency of the U.S. Commerce Department's Technology Administration, NIST conducts basic and applied research in the physical sciences and engineering, and develops measurement techniques, test methods, standards, and related services. The Institute does generic and precompetitive work on new and advanced technologies. NIST's research facilities are located at Gaithersburg, MD 20899, and at Boulder, CO 80303. Major technical operating units and their principal activities are listed below. For more information contact the Publications and Program Inquiries Desk, 301-975-3058. Office of the Director Physics Laboratory • National Quality Program • Electron and Optical Physics • International and Academic Affairs • Atomic Physics • Optical Technology Technology Services • Ionizing Radiation • standards Services • Time and Frequency^ • Technology Partnerships • Quantum Physics^ • f^leasurement Services • Technology Innovation Materials Science and Engineering • Information Services Laboratory • Intelligent Processing of Materials Advanced Technology Program • Ceramics • Economic Assessment • Materials Reliability^ • Information Technology and Applications • Polymers • Chemical and Biomedical Technology • Metallurgy • f^aterials and Manufacturing Technology • NIST Center for Neutron Research • Electronics and Photonics Technology Manufacturing Engineering Manufacturing Extension Partnership Laboratory Program • Precision Engineering • Regional Programs • Automated Production Technology • National Programs • Intelligent Systems • Program Development • Fabrication Technology • Manufacturing Systems Integration Electronics and Electrical Engineering Building and Fire Research Laboratory Laboratory • Microelectronics • structures • Law Enforcement Standards • Building Materials • Electricity • Building Environment • Semiconductor Electronics • Fire Safety Engineering • Electromagnetic Fields^ • Fire Science • Electromagnetic Technology^ • Optoelectronics^ Information Technology Laboratory • Mathematical and Computational Sciences^ Chemical Science and Technology • Advanced Network Technologies Laboratory • Computer Security • Biotechnology • Information Access and User Interfaces • Physical and Chemical Properties^ • High Performance Systems and Services • Analytical Chemistry • Distributed Computing and Information Services • Process Measurements • Software Diagnostics and Conformance Testing • Surface and Microanalysis Science • Statistical Engineering 'At Boulder, CO 80303. ^Some elements at Boulder, CO. NisT Special Publication 800 21 Guideline foF Implementing Cryptography in the Federal Government Annabelle Lee COMPUTER SECURITY Security Technology Group Computer Security Division National Institute of Standards and Technology Gaithersburg. MD 20899-cS930 November 1999 U.S. Department of Commerce William M. Daley, Secretary Technology Administration Dr. Cheryl L. Shavers, Under Secretary of Commerce for Technology National Institute of Standards and Technology Raymond G. Kammer, Director Reports on Computer Systems Technology Tlic Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation's measurement and standards infrastructure for information technology. ITL develops tests, test methods, reference data, proof of concept implementations and technical analyses to advance the development and productive use of information technology. ITL's responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in federal computer systems. This Special Publication 800 series reports on ITL's research, guidance, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-21 Natl. Inst. Stand. Technol. Spec. Publ. 800-21, 138 pages (Nov. 1999) CODEN: NSPUE2 U.S. GOVERNMENT PRINTING OFFICE WASHINGTON: 1999 For sale by the Supei intcndent of Documents, U.S. Government Printing Office, Washington, DC 20402-9325 51 GUIDELINE FOR IMPLEMENTING CRYPTOGRAPHY IN THE FEDERAL GOVERNMENT 1. INTRODUCTION 1 1.1. Purpose 1 1.2. Audience 1 1.3. Scope 2 1.4. Content 3 1 .5. Uses of Cryptography 4 2. STANDARDS AND CRITERIA 6 2.1. Benefits of Standards 7 2.2. Standards Organizations 8 2.2.1 . American National Standards Institute (ANSI) 8 2.3.2. Institute of Electrical and Electronics Engineers (IEEE) 1 2.2.2. Internet Engineering Task Force (IETF) 1 2.2.3. International Organization for Standardization (ISO) ..12 2.3. Common Criteria 12 2.4. FIRS Waiver Procedure 13 3. SOME IMPLEMENTATION ISSUES 14 3. 1 . Interfaces/Use of CAPIs 14 3.2. Hardware vs. Software Solutions 14 3.2.1. Public vs. Secret Key Cryptography 15 3.3. Key Management 1 3.3.1. Key Generation 17 3.3.2. Key Use 18 3.3.3. Key Archiving 19 3.3.4. Key Destruction 20 3.4. Authentication 20 3.4. 1 . Traditional (Weak) Authentication 20 3.4.2. Authentication Using Dynamic Authentication Data 21 3.4.3. Authentication Against Active Attacks 22 4. CRYPTOGRAPHY METHODS 23 4.1 . Symmetric/Secret Key Cryptography 23 4.1 .1 . Symmetric/Secret Encryption 23 4. 1 .2. Message Authentication Code 27 4.2. Hash Functions 28 4.2.1. SHAandSHA-1 28 4.3. Asymmetric Key Cryptography 29 4.3.1. Digital Signatures 29 4.3.2. Key Transport/Agreement 37 4.4. Key Management ......42 5. PUBLIC KEY INFRASTRUCTURE (PKI) 44 5.1 . Public Key Infrastructure (PKI) Overview 44 5.2. PKI Architectures 45 5.3. Security Policies of Other CAs and the Network 46 iii 1 5.4. Interoperability 46 5.5. Minimum Interoperability Specification for PKI Components (MISPC)....47 5.6. Federal PKI Architecture 48 5.6.1 . Architecture Components 49 5.6.2. Operational Concept 51 5.6.3. Federal PKI (FPKI) Steering Committee 52 6. TESTING 53 6.1 . Cryptographic Module Validation Program (CMVP) 55 6.1.1. Background 55 6.1.2. FIPS PUB 140-1 Requirements 58 6.1.3. Validated Modules List 60 6.1.4. Effective Use of FIPS PUB 140-1 60 6.2. National Voluntary Laboratory Accreditation Program (NVLAP) 60 6.3. Industry and Standards Organizations. 60 6.3.1. National Information Assurance Partnership (NIAP) 61 6.4. Certification and Management Authorization 61 7. SELECTING CRYPTOGRAPHY - THE PROCESS 63 7.1. Planning Phase 67 7.1.1. Security Policies. 67 7.1.2. Risk Assessment 71 7.1.3. Security Objectives 73 7.2. Definition Phase. 74 7.2.1 . Security Requirements/Specifications 75 : 7.2.2. Cryptographic Method Example 83 7.2.3, Selecting Cryptographic Countermeasures 84 7.3. Acquisition Phase 94 7.3.1. Implementation Approach 95 7.4. Operations Phase 97 7.4.1. Training and Documentation 97 7.4.2. Life Cycle Management of Cryptographic Components 97 8. PUTTING IT ALL TOGETHER - EXAMPLES 99 8.1. Key Recovery Demonstration Project (KRDP) 99 8.1.1. Department of Energy: EZ_ERA32 and the KRDP 99 8.1.2. U.S. Electronic Grants 103 8.2. Army Corps of
Recommended publications
  • On the NIST Lightweight Cryptography Standardization

    On the NIST Lightweight Cryptography Standardization

    On the NIST Lightweight Cryptography Standardization Meltem S¨onmez Turan NIST Lightweight Cryptography Team ECC 2019: 23rd Workshop on Elliptic Curve Cryptography December 2, 2019 Outline • NIST's Cryptography Standards • Overview - Lightweight Cryptography • NIST Lightweight Cryptography Standardization Process • Announcements 1 NIST's Cryptography Standards National Institute of Standards and Technology • Non-regulatory federal agency within U.S. Department of Commerce. • Founded in 1901, known as the National Bureau of Standards (NBS) prior to 1988. • Headquarters in Gaithersburg, Maryland, and laboratories in Boulder, Colorado. • Employs around 6,000 employees and associates. NIST's Mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. 2 NIST Organization Chart Laboratory Programs Computer Security Division • Center for Nanoscale Science and • Cryptographic Technology Technology • Secure Systems and Applications • Communications Technology Lab. • Security Outreach and Integration • Engineering Lab. • Security Components and Mechanisms • Information Technology Lab. • Security Test, Validation and • Material Measurement Lab. Measurements • NIST Center for Neutron Research • Physical Measurement Lab. Information Technology Lab. • Advanced Network Technologies • Applied and Computational Mathematics • Applied Cybersecurity • Computer Security • Information Access • Software and Systems • Statistical
  • TS 102 176-1 V2.1.1 (2011-07) Technical Specification

    TS 102 176-1 V2.1.1 (2011-07) Technical Specification

    ETSI TS 102 176-1 V2.1.1 (2011-07) Technical Specification Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms 2 ETSI TS 102 176-1 V2.1.1 (2011-07) Reference RTS/ESI-000080-1 Keywords e-commerce, electronic signature, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice Individual copies of the present document can be downloaded from: http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission.
  • Guidelines on Cryptographic Algorithms Usage and Key Management

    Guidelines on Cryptographic Algorithms Usage and Key Management

    EPC342-08 Version 7.0 4 November 2017 [X] Public – [ ] Internal Use – [ ] Confidential – [ ] Strictest Confidence Distribution: Publicly available GUIDELINES ON CRYPTOGRAPHIC ALGORITHMS USAGE AND KEY MANAGEMENT Abstract This document defines guidelines on cryptographic algorithms usage and key management. Document Reference EPC342-08 Issue Version 7.0 Date of Issue 22 November 2017 Reason for Issue Maintenance of document Produced by EPC Authorised by EPC Document History This document was first produced by ECBS as TR 406, with its latest ECBS version published in September 2005. The document has been handed over to the EPC which is responsible for its yearly maintenance. DISCLAIMER: Whilst the European Payments Council (EPC) has used its best endeavours to make sure that all the information, data, documentation (including references) and other material in the present document are accurate and complete, it does not accept liability for any errors or omissions. EPC will not be liable for any claims or losses of any nature arising directly or indirectly from use of the information, data, documentation or other material in the present document. Conseil Européen des Paiements AISBL– Cours Saint-Michel 30A – B 1040 Brussels Tel: +32 2 733 35 33 – Fax: +32 2 736 49 88 Enterprise N° 0873.268.927 – www.epc-cep.eu – [email protected] © 2016 Copyright European Payments Council (EPC) AISBL: Reproduction for non-commercial purposes is authorised, with acknowledgement of the source Table of Content MANAGEMENT SUMMARY ............................................................. 5 1 INTRODUCTION .................................................................... 7 1.1 Scope of the document ...................................................... 7 1.2 Document structure .......................................................... 7 1.3 Recommendations ............................................................ 8 1.4 Implementation best practices .........................................
  • BIP Note 18 Binding Implementation Practice (BIP) Note

    BIP Note 18 Binding Implementation Practice (BIP) Note

    Superannuation Transaction Network BIP Note 18 Binding Implementation Practice (BIP) Note Title: TLS Configuration and Cryptography Date: 10 Nov 201 5 Standards Version: 1.0 Scope [ x ] transport layer Status: [ ] Draft [ ] message payload [x ] Ratified [ x ] security Live Date: 25 February 2016 On this date this BIP note will be binding on all participants 1. Change This document sets requirements for SSL/TLS configuration within the STN. 2. Reason for Change Secure message exchange within the STN is fully dependent on HTTPS protocol (HTTP over TLS). SSL 3.0 has existed for at least 15 years. It was superseded by TLS 1.0 which was in turn replaced by TLS 1.1 and TLS 1.2. Cryptography standards used in SSL and early versions of TLS are now deprecated and do not provide sufficient level of security. Clause 6.6(a) of Superannuation Data and Gateway Services Standards for Gateway Operators transaction within the Superannuation Transaction Network document requires STN gateways to use “a minimum level of protection of Transport Layer Security (TLS) of version 1.1 or above”. Majority of the STN gateways supports TLS versions 1.0 through 1.2 at the server side (some gateways still support SSL 3.0). However, only a few gateways support modern TLS versions at the client side resulting majority of transactions within the STN being sent through TLS 1.0 channel. In order to eliminate vulnerabilities of the obsolete SSL/TLS protocols, SSL 3.0 and TLS 1.0 must be completely disabled. Mozilla Foundation recommends not to include TLS 1.0 into “Modern” configuration set for web- servers and limits its usage only for backward-compatibility purposes (given that STN is P2P network with a limited number of participants, backward-compatibility issue is not relevant).
  • Cs 255 (Introduction to Cryptography)

    Cs 255 (Introduction to Cryptography)

    CS 255 (INTRODUCTION TO CRYPTOGRAPHY) DAVID WU Abstract. Notes taken in Professor Boneh’s Introduction to Cryptography course (CS 255) in Winter, 2012. There may be errors! Be warned! Contents 1. 1/11: Introduction and Stream Ciphers 2 1.1. Introduction 2 1.2. History of Cryptography 3 1.3. Stream Ciphers 4 1.4. Pseudorandom Generators (PRGs) 5 1.5. Attacks on Stream Ciphers and OTP 6 1.6. Stream Ciphers in Practice 6 2. 1/18: PRGs and Semantic Security 7 2.1. Secure PRGs 7 2.2. Semantic Security 8 2.3. Generating Random Bits in Practice 9 2.4. Block Ciphers 9 3. 1/23: Block Ciphers 9 3.1. Pseudorandom Functions (PRF) 9 3.2. Data Encryption Standard (DES) 10 3.3. Advanced Encryption Standard (AES) 12 3.4. Exhaustive Search Attacks 12 3.5. More Attacks on Block Ciphers 13 3.6. Block Cipher Modes of Operation 13 4. 1/25: Message Integrity 15 4.1. Message Integrity 15 5. 1/27: Proofs in Cryptography 17 5.1. Time/Space Tradeoff 17 5.2. Proofs in Cryptography 17 6. 1/30: MAC Functions 18 6.1. Message Integrity 18 6.2. MAC Padding 18 6.3. Parallel MAC (PMAC) 19 6.4. One-time MAC 20 6.5. Collision Resistance 21 7. 2/1: Collision Resistance 21 7.1. Collision Resistant Hash Functions 21 7.2. Construction of Collision Resistant Hash Functions 22 7.3. Provably Secure Compression Functions 23 8. 2/6: HMAC And Timing Attacks 23 8.1. HMAC 23 8.2.
  • Study on the Use of Cryptographic Techniques in Europe

    Study on the Use of Cryptographic Techniques in Europe

    Study on the use of cryptographic techniques in Europe [Deliverable – 2011-12-19] Updated on 2012-04-20 II Study on the use of cryptographic techniques in Europe Contributors to this report Authors: Edward Hamilton and Mischa Kriens of Analysys Mason Ltd Rodica Tirtea of ENISA Supervisor of the project: Rodica Tirtea of ENISA ENISA staff involved in the project: Demosthenes Ikonomou, Stefan Schiffner Agreements or Acknowledgements ENISA would like to thank the contributors and reviewers of this study. Study on the use of cryptographic techniques in Europe III About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its member states, the private sector and Europe’s citizens. ENISA works with these groups to develop advice and recommendations on good practice in information security. It assists EU member states in implementing relevant EU leg- islation and works to improve the resilience of Europe’s critical information infrastructure and networks. ENISA seeks to enhance existing expertise in EU member states by supporting the development of cross-border communities committed to improving network and information security throughout the EU. More information about ENISA and its work can be found at www.enisa.europa.eu. Contact details For contacting ENISA or for general enquiries on cryptography, please use the following de- tails: E-mail: [email protected] Internet: http://www.enisa.europa.eu Legal notice Notice must be taken that this publication represents the views and interpretations of the au- thors and editors, unless stated otherwise. This publication should not be construed to be a legal action of ENISA or the ENISA bodies unless adopted pursuant to the ENISA Regulation (EC) No 460/2004 as lastly amended by Regulation (EU) No 580/2011.
  • Corp Bro Inside Layout

    Corp Bro Inside Layout

    Message from the Director, NSA The National Security Agency’s rich legacy of cryptologic success serves not only as a reminder of our past triumphs, but also as an inspiration for our future. Harry Truman, the man responsible for signing the legislation that brought our Agency into existence, was once quoted as saying, “There is nothing new in the world except the history you do not know.” Like all truisms, it is only partially accurate. Each generation of Americans must at some point deal with unforeseen problems and issues that transcend the status quo. Most would agree that the challenges faced by NSA in today’s war against terrorism are far different from those of World War II, Vietnam, or Desert Storm. Even so, President Truman was correct in his assertion that there is much to be learned from the past. The history of the National Security Agency has in many respects been based on and characterized by feats of intellectual brilliance. Pioneers like William Friedman, Frank Rowlett, Dr. Louis Tordella, and Agnes Meyer Driscoll, to name but a few, were able to build on past successes and do whatever was necessary to meet the challenges of their time. We should not forget, however, that NSA’s success is due not just to the efforts of the well- known legends of the cryptologic past, but also to the dedicated work of thousands of men and women whose names will never be noted in any history book. History tells us that both genius and hard work are required to ensure success.
  • Using PSTN Encryption HC-2203 Over BGAN Version 1 3 September 2009

    Using PSTN Encryption HC-2203 Over BGAN Version 1 3 September 2009

    Using PSTN Encryption HC-2203 over BGAN Version 1 3 September 2009 inmarsat.com/bgan Whilst the information has been prepared by Inmarsat in good faith, and all reasonable efforts have been made to ensure its accuracy, Inmarsat makes no warranty or representation as to the accuracy, completeness or fitness for purpose or use of the information. Inmarsat shall not be liable for any loss or damage of any kind, including indirect or consequential loss, arising from use of the information and all warranties and conditions, whether express or implied by statute, common law or otherwise, are hereby excluded to the extent permitted by English law. INMARSAT is a trademark of the International Mobile Satellite Organisation, Inmarsat LOGO is a trademark of Inmarsat (IP) Company Limited. Both trademarks are licensed to Inmarsat Global Limited. © Inmarsat Global Limited 2009. All rights reserved. Contents 1 Overview 1 1.1 PSTN encryption explained 1 2 Typical users 1 3 Key features 1 4 Benefits to BGAN users 1 5 Setting up 1 5.1 Setting up HC-2203 PSTN Encryption 1 5.2 About your BGAN SIM card subscription 1 5.3 Setting up the EXPLORER 500/527 and EXPLORER 700 1 5.4 Setting up the Hughes 9201 or Hughes 9250 terminal 1 6 Technical specifications 1 7 General data 1 8 Further details and support 1 1 Overview Inmarsat BGAN offers the same telephony services as its predecessor system GAN, namely Standard Voice (compressed), ISDN Data and the Audio 3.1kHz service which can be used for fax and data communication.
  • SMPTE Standards Transition Issues for NIST/FIPS Requirements V1.1

    SMPTE Standards Transition Issues for NIST/FIPS Requirements V1.1

    SMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1 2010.8.23 DRM inside, Taehyun Kim ETRI, Kisoon Yoon Contents 1 Introduction NIST (National Institute of Standards and Technology) published second draft special document 1 (SP 800-131, Recommendation for the Transitioning of Cryptographic Algorithms and Key Length) [28] in June, 2010. It includes transition recommendations through 9 items associated with the use of cryptography, whose purpose is to keep the security level being still higher as the more powerful computing techniques are available. The 9 items described in the SP 800-131 are: • Encryption (Sec. 2) • Digital Signature (Sec. 3) • Random Number Generation (Sec. 4) • Key Agreement Using Diffie-Hellman and MQV (Sec. 5) • Key Agreement and Key Transport Using RSA (Sec. 6) • Key Wrapping (Sec. 7) • GDIO Protocol (Sec 8.) • Deriving Additional Keys (Sec. 8) • Hash Function (Sec. 9) • Message Authentication Codes (Sec. 10) Currently, SMPTE documents2 refer to the FIPS (Federal Information Processing Standard) to use its cryptographic algorithms which are Secure Hash Standard (FIPS 180-1, 180-2) [1][2], Digital Signature Standard (FIPS 186-2, Jan. 2000) [4], Random Number Generation (FIPS 186-2, Jan. 2000), Advanced Encryption Standard (FIPS 197, Nov. 2001) [6] and Keyed-Hash Message Authentication Code (FIPS 198-1, Apr. 2002) [7]. As upgrade version of the FIPSs and new recommendation are published from the NIST, we need to consider impacts on the SMPTE standard documents. This report summarizes SMPTE documents in cryptographic point of view and new NIST requirements related to the cryptographic algorithm and strength to which SMPTE standards are referring.
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns

    Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns

    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
  • (U) a History of Secure Voice Codin~: Insights Drawn from the Career of One of Tile Earliest Practitioners of the Art of Speech Coding JOSEPH P

    (U) a History of Secure Voice Codin~: Insights Drawn from the Career of One of Tile Earliest Practitioners of the Art of Speech Coding JOSEPH P

    DOCID: 3860926 UNCLASSIFIED Cryptologic Quarter1y (U) A History of Secure Voice Codin~: Insights Drawn from the Career of One of tile Earliest Practitioners of the Art of Speech Coding JOSEPH P. CAMPBELL, JR., and RICHARD A. DEAN Editor's Note: This artrde Is basecl on one publlshecl In Dlgittl Signal Processing, July 1993, wfth permission ofthe authors. The history of speech coding is closely tied to tion of PCM. A "Buzz" /"Hiss" generator was used the career of Tom Tremain. He joined the as an exciter for the vocoder corresponding to the National Security Agency i~ 1959 as an Air Force voiced/unvoiced attribute of each 20-ms speech lieutenant assigned to duty at the Agency. Llttle segment. Balance of the "Buzz" /"Hiss" generator, did he know then that this assignment would or voicing, represented a major factor in the qual­ shape his career as well as' the future of speech ity of the speech. Early practitioners of speech coding. 1 coders, like Tom, can still be found today speak­ I . ing"Aaahhh" /"Sshhhhh" into voice coders to test Thomas E. Tremain was the U.S. govern- this balance. ment's senior speech scientist. He was a recog­ nized leader and an expert in speech science. From the time of SIGSALY until Tom arrived 1 Tom's work spanned five dife3des of state-of-the- at NSA, several generations of voice coders had art modem and speech co<;Iing innovations that been developed in conjunction with Bell Labs. are the basis of virtually e~ery U.S. and NATO The K0-6 voice coder, developed in 1949 and modem and speech coding standard.
  • Encryption of Voice, Data and Video (Vdv) for Secure Terrestrial and Satellite Communications

    Encryption of Voice, Data and Video (Vdv) for Secure Terrestrial and Satellite Communications

    Dimov Stojce Ilcev / International Journal of New Technologies in Science and Engineering Vol. 2, Issue. 4,October 2015, ISSN 2349-0780 ENCRYPTION OF VOICE, DATA AND VIDEO (VDV) FOR SECURE TERRESTRIAL AND SATELLITE COMMUNICATIONS Stojce Dimov Ilcev Durban University of Technology (DUT), 133 Bencorrum, 183 Prince Street, Durban, South Africa Abstract: This paper introduces the Voice, Data and Video (VDV) encryption as protection shield for secure terrestrial and satellite communication systems deploying special hardware and software scrambling solutions against government or private surveillance and spying. The encryption covers fixed, personal and mobile (cellular) solutions including computer, fax and telex messaging modes for commercial and military applications. Keywords: Encryption, VDV/NSA, DES/AES, RSA/IBE I. INTRODUCTION Secure communication is when two entities are communicating and do not want a third party to listen in or to communicate in a way not susceptible to eavesdropping or interception. It includes means by which people can share mutual information with varying degrees of certainty that third parties cannot intercept what was said, heard, sent and saw. Other than spoken face-to-face communication with no possible eavesdropper, it is probably safe to say that no communication is guaranteed secure in this sense, although practical obstacles such as legislation, resources, technical issues (interception and encryption), and the sheer volume of communication serve to limit surveillance. In cryptography, encryption is the process of encoding voice (speech and fax), data (messages or text) and video (TV, videoconference and images) in such a way that only authorized parties can listen, read or see it properly. Encryption does not of itself prevent interception, but denies the speech, message and image content to the interceptor.