• “When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

    Read more...

  • "One often hears recommendations for key-sizes of public-key cryptosystems needed to obtain security for 30 years and even 50 years. Anyone wanting a real security of this magnitude should probably take the construction of the quantum computer into consideration."

    ECRYPT, “D.PROVI.3 – First Summary Report on Unconditionally Secure Protocols”, January 2005

    Read more...

  • "There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

    Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

    Read more...
Home Resources Security bibliography Security Organisations, Projects, and Calls bibliography: US NIST Cryptographic Key Management Project
bibliography: US NIST Cryptographic Key Management Project
Project: Cryptographic Key Management Project
About CKM Project: Cryptographic Key Management (CKM) is a fundamental part of cryptographic technology and is considered one of the most difficult aspects associated with its use. Of particular concern are the scalability of the methods used to distribute keys and the usability of these methods. NIST has undertaken an effort to improve the overall key management strategies used by the public and private sectors in order to enhance the usability of cryptographic technology, provide scalability across cryptographic technologies, and support a global cryptographic key management infrastructure.
Organisation: US National Institute of Standards and Technology
About NIST: NIST, an agency of the U.S. Department of Commerce, was founded in 1901 as the United States' first federal physical science research laboratory. The NIST Computer Security Division collaborates with a number of national and international agencies and standards bodies to develop secure, interoperable security standards.
Quote: This Cryptographic Key Management Workshop is the kickoff activity in a ‘leap-ahead’ effort that we are undertaking as a part of the National Cybersecurity Initiative. The President recently announced the results of a cybersecurity policy review. Cybersecurity is a critical element in our national security posture. Our reliance on the internet is becoming nearly total. When the financial crisis hit Lehman Brothers, no one was paying close attention to the fact that most of the international fund transfers were going through that institution. Suddenly that capability was lost and what was a very serious situation turned into a real crisis. The role of key management in cybersecurity is critical.”
Quote: “Key management is critical for all sensitive information processing applications. Economic prosperity is a major goal and needs information security.


A graphical table illustrating several desired properties for new CKM designs made by senior NIST staff at the 2009 CKM Workshop



Quote: The NIST Computer Security Chief, C. Barker, stressed the urgency of finding a robust solution: “We're going to accept very high risks in our research because we're going for very high payoffs. We’re not going to accept high risks in the future Internet, because we don’t want the adversaries to have high payoffs.”
Quote: “We know how to handle key management reasonably effectively for up to a million people, we need to go a couple of orders of magnitude beyond that in the relatively near future”
Dates: Started June, 2009. Currently active.
Keywords: cryptographic key management, asymmetric cryptography, quantum computers, symmetric cryptography, identifier based encryption
Website: http://csrc.nist.gov/groups/ST/key_mgmt/
Deliverables: Barker, E., Branstad, D., Chokhani, S., and Smid, M. Cryptographic key management workshop summary (final). Interagency Report 7609, National Institute of Standards and Technology, June 2009.
Available at http://csrc.nist.gov/publications/nistir/ir7609/nistir-7609.pdf
See also: DHS Global-Scale Identity Management
IEEE Key Management Summit 2010
IBE enabling ubiquitous uptake of encryption
Behavioural Trust and Identity

Last Updated on Thursday, 03 June 2010 12:18
 

Related Items