Cryptography is often used in an information technology security environment to protect data that is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptography relies upon two basic components: an algorithm (or cryptographic methodology) and a cryptographic key. This Recommendation discusses the generation of the keys to be managed and used by the approved cryptographic algorithms.

This Recommendation provides cryptographic key-management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material, including definitions of the security services that may be provided when using cryptography and the algorithms and key types that may be employed, specifications of the protection that each type of key and other cryptographic information requires and methods for providing this protection, discussions about the functions involved in key management, and discussions about a variety of key-management issues to be addressed when using cryptography. Part 2 provides guidance on policy and security planning requirements for U.S. government agencies. Part 3 provides guidance when using the cryptographic features of current systems.

This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key-establishment scheme defined in NIST Special Publications 800-56A or 800-56B.

This Recommendation specifies four types of SHA-3-derived functions: cSHAKE, KMAC, TupleHash, and ParallelHash, each defined for a 128- and 256-bit security strength. cSHAKE is a customizable variant of the SHAKE function, as defined in Federal Information Processing Standard (FIPS) 202. KMAC (for KECCAK Message Authentication Code) is a variable-length message authentication code algorithm based on KECCAK; it can also be used as a pseudorandom function. TupleHash is a variable-length hash function designed to hash tuples of input strings without trivial collisions. ParallelHash is a variable-length hash function that can hash very long messages in parallel.

This Standard specifies a suite of algorithms that can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory. In addition, the recipient of signed data can use a digital signature as evidence in demonstrating to a third party that the signature was, in fact, generated by the claimed signatory. This is known as non-repudiation, since the signatory cannot easily repudiate the signature at a later time.

Modern developments in theoretical and applied science depend on knowledge of the properties of mathematical functions, from elementary trigonometric functions to the multitude of special functions. These functions appear whenever natural phenomena are studied, engineering problems are formulated, and numerical simulations are performed. They also crop up in statistics, financial models, and economic analysis. Using them effectively requires practitioners to have ready access to a reliable collection of their properties. This handbook results from a 10-year project conducted by the National Institute of Standards and Technology with an international group of expert authors and validators. Printed in full color, it is destined to replace its predecessor, the classic but long-outdated Handbook of Mathematical Functions, edited by Abramowitz and Stegun. Included with every copy of the book is a CD with a searchable PDF of each chapter.

随机数测试：NIST测试教程

不管是什么 SDLC 方法，应当把软件安全开发实践在整个过程中进行集成，目的有三个:一是减少发布软件的漏洞数量;二是缓解未检出或 未处置漏洞被利用时的影响;三是找出安全漏洞产生的根本原因加以处置以避免再生。有很多安全方面的考虑可以在 SDLC 的多个阶段实施，但是一般情况下，越早处置安全问题，达到相同的安全水平所需的努力和成本就越低。这个原则被称为“左移(shifting left)”，它非常重要，且 无关于所采用的 SDLC 方法。 SSDF 白皮书没有引入新的实践或定义新的术语，相反，它基于现有的标准、指南和软件安全开发实践文档，描述了一个高级别实践的集合。

安全控制 NIST SP800-53 等保

关于nist sp 800-53的详细分析，说明。帮助安全人员快速掌握sp 800-53的要点