Cryptography in the Age of Quantum Computing: Trade-offs Between Symmetric and Asymmetric Keys

Updated 2024-07-16 · PDF, 1.81 MB
"NIST SP800-71-draft.pdf" is a draft from NIST (the U.S. National Institute of Standards and Technology) titled "Recommendation for Key Establishment Using Symmetric Block Ciphers", written by Elaine Barker and William C. Barker. The document examines how symmetric-key and asymmetric-key cryptographic algorithms are used in information security and how the two differ.

Symmetric-key cryptography is a communication-protection mechanism in which the sender and the receiver use the same key to encrypt and decrypt. Asymmetric-key cryptography differs: each party holds a private key (known only to that party) and a public key (which may be disclosed). Section 3 of SP 800-175B discusses both algorithm types, including their respective advantages and disadvantages. Symmetric-key cryptography is generally more computationally efficient, while asymmetric-key cryptography has better properties for source authentication, for example by providing a higher level of assurance through digital signatures. Symmetric-key cryptography is more complex to manage when there are many key relationships, whereas asymmetric-key cryptography is comparatively simple in that respect.

Recently, the rise of quantum computing has raised concern about its potential impact on the security of existing asymmetric algorithms (see NISTIR 8105). Once quantum computers mature, keys protected with currently approved asymmetric-key algorithms could be obtained by an adversary. Symmetric-key algorithms, by contrast, are less affected: their security can be maintained by increasing the key length. Symmetric-key algorithms and hash functions with sufficiently large key and output sizes therefore remain usable in the quantum era.

Researchers are currently developing quantum-resistant asymmetric-key algorithms, but the replacement effort is not expected to begin until around 2020 and is not expected to be complete until the 2030s. Where information security is critical and information now protected with asymmetric keys must stay secure for a long time, these long-term strategies must be taken into account.

NIST, as the statutory body under the Federal Information Security Management Act (FISMA), is responsible for developing information-security management standards and guidelines, including minimum requirements for federal information systems; these standards and guidelines do not apply to national security systems unless explicitly approved.

The document describes in detail how to perform key establishment using symmetric block ciphers, giving guidance for key management and data protection, with the aim of ensuring that federal government information security can be effectively protected and adapted in the face of emerging technological threats.
Uploaded 2020-02-25
INTRODUCTION

THE NEED FOR CYBER RESILIENT SYSTEMS

The need for trustworthy secure systems stems from a variety of stakeholder needs that are driven by mission, business, and other objectives and concerns. The principles, concepts, and practices for engineering trustworthy secure systems can be expressed in various ways, depending on which aspect of trustworthiness is of concern to stakeholders. [NIST 800-160, Vol. 1] provides guidance on systems security engineering with an emphasis on protection against asset loss. In addition to security, other aspects of trustworthiness include, for example, reliability, safety, resilience, and privacy. Specialty engineering disciplines address different aspects of trustworthiness. While each specialty discipline frames the problem domain and the potential solution space for its aspect of trustworthiness somewhat differently, [NIST 800-160, Vol. 1] includes systems engineering processes to align the concepts, frameworks, and analytic processes from multiple disciplines to make trade-offs within and between the various aspects of trustworthiness applicable to a system-of-interest.

NIST Special Publication 800-160, Volume 2 focuses on the property of cyber resiliency, which has a strong relationship to security and resilience, but which provides a distinctive framework for its identified problem domain and solution space. Cyber resiliency is the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources regardless of the source. Cyber resiliency supports mission assurance in a contested environment, for missions which depend on systems which include cyber resources. A cyber resource is an information resource which creates, stores, processes, manages, transmits, or disposes of information in electronic form and which can be accessed via a network or using networking methods.

A cyber resource which can be accessed via a network exists in or has a presence in cyberspace. However, some information resources are designed to be accessed using a networking method only intermittently (e.g., via a low-power connection to check the status of an insulin pump; via a wired connection to upgrade software in an embedded avionic device). These cyber resources are characterized as operating primarily in stand-off mode.