文档是早期对NIST SP800-82的翻译稿，供大家参考。

针对随机数与伪随机数生成的NIST规范文档

NIST SP800-181 网络空间安全人才框架 NCWF，National Initiative for CybersecurityEducation (NICE)中文译本

中文版《工业控制系统安全指南》(NIST-SP800-82)

Many U.S. Government Information Technology (IT) systems need to employ well-established cryptographic schemes to protect the integrity and confidentiality of the data that they process. Algorithms such as the Advanced Encryption Standard (AES) as defined in Federal Information Processing Standard (FIPS) 197, Triple DES as specified in NIST Special Publication (SP) 80067, and HMAC as defined in FIPS 198 make attractive choices for the provision of these services. These algorithms have been standardized to facilitate interoperability between systems. However, the use of these algorithms requires the establishment of shared secret keying material in advance. Trusted couriers may manually distribute this secret keying material. However, as the number of entities using a system grows, the work involved in the distribution of the secret keying material could grow rapidly. Therefore, it is essential to support the cryptographic algorithms used in modern U.S. Government applications with automated key establishment schemes.

工控安全指南中文版 方便国内工业控制系统相关设计人员查看 阅读

《工业控制系统安全指南》 此文件提供建立安全的工业控制系统（ ICS ）的指导。这些 ICS 包括监控和 包括监控和 数据采集（ 数据采集（ SCADA ）系统，分布式控制（ ）系统，分布式控制（ ）系统，分布式控制（ ）系统，分布式控制（ ）系统，分布式控制（ DCS ），和其他控制系统 ），和其他控制系统 ），和其他控制系统 ），和其他控制系统 ，如在工业 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 部门和关键基础设施中经常可以看到的撬装式 的可编程逻辑控制器（ 的可编程逻辑控制器（ 的可编程逻辑控制器（ PLC ）。 ICS 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 通常用于诸如电力、水和污处理石油天然气化工交运输制药纸 浆和造纸、食品饮料以及离散制（如汽车航空天耐用）等行业。这 浆和造纸、食品饮料以及离散制（如汽车航空天耐用）等行业。这 浆和造纸、食品饮料以及离散制（如汽车航空天耐用）等行业。这 浆和造纸、食品饮料以及离散制（如汽车航空天耐用）等行业。这 浆和造纸、食品饮料以及离散制（如汽车航空天耐用）等行业。

The use of cryptographic mechanisms is one of the strongest ways to provide security services for electronic applications and protocols and for data storage. The National Institute of Standards and Technology (NIST) publishes Federal Information Processing Standards (FIPS) and NIST Recommendations (which are published as Special Publications) that specify cryptographic techniques for protecting sensitive, unclassified information. Since NIST published the Data Encryption Standard (DES) in 1977, the suite of approved standardized algorithms has been growing. New classes of algorithms have been added, such as secure hash functions and asymmetric key algorithms for digital signatures. The suite of algorithms now provides different levels of cryptographic strength through a variety of key sizes. The algorithms may be combined in many ways to support increasingly complex protocols and applications. This NIST Recommendation applies to U.S. government agencies using cryptography for the protection of their sensitive, unclassified information. This Recommendation may also be followed, on a voluntary basis, by other organizations that want to implement sound security principles in their computer systems. The proper management of cryptographic keys is essential to the effective use of cryptography for security. Keys are analogous to the combination of a safe. If an adversary knows the combination, the strongest safe provides no security against penetration. Similarly, poor key management may easily compromise strong algorithms. Ultimately, the security of information protected by cryptography directly depends on the strength of the keys, the effectiveness of the mechanisms and protocols associated with the keys, and the protection afforded the keys. Cryptography can be rendered ineffective by the use of weak products, inappropriate algorithm pairing, poor physical security, and the use of weak protocols. All keys need to be protected against unauthorized substitution and m

本压缩包里有我整理的关于SP800-22随机性测试套件的相关程序、文章以及安装包。

美国国家标准和技术学会(NIST)信息技术实验室(ITL)通过对国家测量和标准体系提供技术指导而促进美国经济和公共事业的发展。ITL通过开发测试、测试方法、参考数据、对概念的证明、以及技术分析来改善信息技术的开发和生产应用。ITL的职责包括开发应用于联邦计算机系统中为敏感信息提供经济有效的安全和隐私保护的相关技术性、物理性、行政性和管理性的标准和指导方针。