Latest Headlines

Latest Headlines

NIST awards $7M in NSTIC grants

The National Institute of Standards and Technology awarded $7 million in grants that will support five identity protection and verification pilots in support of National Strategy for Trusted Identities in Cyberspace implementation. The grants will further the work of multi-year  NSTIC  pilots that were  first unveiled in September 2012.

NIST, Forest Service: Wildfire risk ratings were useful

A rating system that assesses the risk that structures face from wildfires generally proved to be accurate, according to a report from the National Institute of Standards and Technology and the Forest Service that examined a major California wildfire from 2007.

Federal labs pumped $2.3 billion into Colorado economy

Colorado's federal laboratories added $2.3 billion to the state's economy in 2012, nearly double what the labs brought in 5 years ago a Sept. 5 CO-LABS  report  (.pdf) says. The National Institute of Standards and Technology Boulder lab contributed $187.7 million to the state economy and supported direct and indirect employment of 1,325 workers, the report says.

NIST issues digital forensics guide

Using sound methodology when examining a mobile device as part of a digital forensic investigation will ensure accurate reporting, says the National Institute of Standards and Technology in its recently-published guidelines on mobile device forensics.

Vouchers for manufacturing innovation touted at House hearing

The program, part of a bill (H.R. 1421) introduced in the House in April, would award vouchers worth up to $20,000 to small manufacturers to pay for technical expertise from universities or federal research institutions. Researchers would help the companies with early-stage product development and the commercialization of new technologies.

NIST advises against use of random bit generator algorithm apparently backdoored by NSA

The National Institute of Standards and Technology says cryptographers should not use for now a NIST random number generator algorithm whose trustworthiness has been called into question by leaks from former intelligence contractor Edward Snowden. NIST also says it will revise the special publication containing the algorithm,  SP 800-90A  (.pdf).

NSA inserted backdoor into NIST random number generator method

The NSA appears to have inserted a vulnerability into an encryption method adopted as a technical standard by NIST in 2006, says reporting based on more leaked documents from former intelligence contractor Edward Snowden. NIST said that it uses "a transparent, public process to rigorously vet our recommended standards. If vulnerabilities are found, we work with the cryptographic community to address them as quickly as possible."

New NIST technical specification allows derived PIV authentication for mobile devices

Agencies increasingly use,  or plan to use, the biometric data PIV cards to control access to agency networks, but the rise of mobile devices has put a crimp in that, since card readers may easily be integrated into desktops or laptops, but not smartphones or tablets.

NIST discussion draft of cybersecurity framework leaves many unanswered questions

NIST released the discussion  draft  (.pdf) Aug. 28 in anticipation of a fourth workshop on the framework set to be  held  in Dallas Sept. 11-13. A preliminary framework is due this October, with a finalized version due in February.  

USPS credentialing contract moves NSTIC forward

The Postal Service awarded Aug. 20 a $15 million contract to stand up a Federal Cloud Credential Exchange. The one-year pilot will create an authentication infrastructure that enables individuals to securely access online services at multiple federal agencies.