• “Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

    Read more...
  • “Business now relies on information infrastructures that are interlinked and interdependent… The way in which these hidden interdependencies pervade our everyday lives is staggering and, in some cases, may go unchecked for many years until an incident occurs that revels the true nature of the interdependences' impact.”

    The British Government’s Technology Strategy Board, 2008
    Read more...

  • “So the threat to cryptography is well understood due to work by Peter Shor and others. A symmetric algorithm like AES or others standard crypto processes is cut (of) key-size in half, which is a dramatic reduction. ... For key management purposes, against the RSA and the Diffie-Hellman and stuff, they flat-line under a quantum computer.

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006

    Read more...
Home Resources Security bibliography Security Organisations, Projects, and Calls bibliography: US NIST Cryptographic Key Management Project
bibliography: US NIST Cryptographic Key Management Project
Project: Cryptographic Key Management Project
About CKM Project: Cryptographic Key Management (CKM) is a fundamental part of cryptographic technology and is considered one of the most difficult aspects associated with its use. Of particular concern are the scalability of the methods used to distribute keys and the usability of these methods. NIST has undertaken an effort to improve the overall key management strategies used by the public and private sectors in order to enhance the usability of cryptographic technology, provide scalability across cryptographic technologies, and support a global cryptographic key management infrastructure.
Organisation: US National Institute of Standards and Technology
About NIST: NIST, an agency of the U.S. Department of Commerce, was founded in 1901 as the United States' first federal physical science research laboratory. The NIST Computer Security Division collaborates with a number of national and international agencies and standards bodies to develop secure, interoperable security standards.
Quote: This Cryptographic Key Management Workshop is the kickoff activity in a ‘leap-ahead’ effort that we are undertaking as a part of the National Cybersecurity Initiative. The President recently announced the results of a cybersecurity policy review. Cybersecurity is a critical element in our national security posture. Our reliance on the internet is becoming nearly total. When the financial crisis hit Lehman Brothers, no one was paying close attention to the fact that most of the international fund transfers were going through that institution. Suddenly that capability was lost and what was a very serious situation turned into a real crisis. The role of key management in cybersecurity is critical.”
Quote: “Key management is critical for all sensitive information processing applications. Economic prosperity is a major goal and needs information security.


A graphical table illustrating several desired properties for new CKM designs made by senior NIST staff at the 2009 CKM Workshop



Quote: The NIST Computer Security Chief, C. Barker, stressed the urgency of finding a robust solution: “We're going to accept very high risks in our research because we're going for very high payoffs. We’re not going to accept high risks in the future Internet, because we don’t want the adversaries to have high payoffs.”
Quote: “We know how to handle key management reasonably effectively for up to a million people, we need to go a couple of orders of magnitude beyond that in the relatively near future”
Dates: Started June, 2009. Currently active.
Keywords: cryptographic key management, asymmetric cryptography, quantum computers, symmetric cryptography, identifier based encryption
Website: http://csrc.nist.gov/groups/ST/key_mgmt/
Deliverables: Barker, E., Branstad, D., Chokhani, S., and Smid, M. Cryptographic key management workshop summary (final). Interagency Report 7609, National Institute of Standards and Technology, June 2009.
Available at http://csrc.nist.gov/publications/nistir/ir7609/nistir-7609.pdf
See also: DHS Global-Scale Identity Management
IEEE Key Management Summit 2010
IBE enabling ubiquitous uptake of encryption
Behavioural Trust and Identity

Last Updated on Thursday, 03 June 2010 12:18
 
Add to: Facebook Add to: Mr. Wong Add to: Buzka Add to: Windows Live Add to: Ximmy Add to: Favoriten.de Add to: Social Bookmark Portal Add to: Bookmarks.cc Add to: Newskick Add to: Newsider Add to: Linksilo Add to: Readster Add to: Yigg Add to: Linkarena Add to: Digg Add to: Del.icoi.us Add to: Reddit Add to: Jumptags Add to: Upchuckr Add to: Simpy Add to: StumbleUpon Add to: Slashdot Add to: Netscape Add to: Furl Add to: Yahoo Add to: Blogmarks Add to: Diigo Add to: Technorati Add to: Newsvine Add to: Blinkbits Add to: Ma.Gnolia Add to: Netvouz Add to: Folkd Add to: Spurl Add to: Google Add to: Blinklist Information

Related Items