FIPS 201--2 | Jul 9, 2012 | DRAFT Personal Identity Verification (PIV) of Federal Employees and Contractors (REVISED DRAFT) draft_nist-fips-201-2_revised.pdf |
| | comment-template_draft-nist-fips201-2_revised.xls |
| | draft-nist-fips-201-2-revised_track-changes.pdf |
| | draft-fips-201-2_comments_disposition-for-2011-draft.pdf |
FIPS 201--1 | Mar 2006 | Personal Identity Verification (PIV) of Federal Employees and Contractors (*including Change Notice 1 of June 23, 2006*) FIPS-201-1-chng1.pdf |
FIPS 200 | Mar 2006 | Minimum Security Requirements for Federal Information and Information Systems FIPS-200-final-march.pdf |
FIPS 198--1 | Jul 2008 | The Keyed-Hash Message Authentication Code (HMAC) FIPS-198-1_final.pdf |
FIPS 197 | Nov 2001 | Advanced Encryption Standard fips-197.pdf |
FIPS 190 | Sep 1994 | Guideline for the Use of Advanced Authentication Technology Alternatives fip190.txt |
FIPS 186--3 | Jun. 2009 | Digital Signature Standard (DSS) fips_186-3.pdf |
FIPS 180--4 | March 2012 | Secure Hash Standard (SHS) fips-180-4.pdf |
FIPS 140--3 | Dec. 11, 2009 | DRAFT Security Requirements for Cryptographic Modules (Revised Draft) revised-draft-fips140-3_PDF-zip_document-annexA-to-annexG.zip |
| | revised-fips140-3_comments-template.dot |
FIPS 140--2 | May 2001 | Security Requirements for Cryptographic Modules (*Includes Change Notices as of December 3, 2002*) fips1402.pdf |
| | fips1402annexa.pdf |
| | fips1402annexb.pdf |
| | fips1402annexc.pdf |
| | fips1402annexd.pdf |
FIPS 140--1 | Jan 1994 | FIPS 140-1: Security Requirements for Cryptographic Modules fips1401.pdf |
FIPS 113 | May 1985 | Computer Data Authentication (no electronic version available) ordering-pubs.html |
SP 800-153 | Feb. 2012 | Guidelines for Securing Wireless Local Area Networks (WLANs) sp800-153.pdf |
SP 800-127 | Sept. 2010 | Guide to Securing WiMAX Wireless Communications sp800-127.pdf |
SP 800-126 Rev. 2 | Sept. 2011 | The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2 SP800-126r2.pdf |
| | sp800-126r2-errata-20120409.pdf |
SP 800-126 Rev. 1 | Feb. 2011 | The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1 SP800-126r1.pdf |
SP 800-126 | Nov. 2009 | The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.0 sp800-126.pdf |
SP 800-125 | Jan. 2011 | Guide to Security for Full Virtualization Technologies SP800-125-final.pdf |
SP 800-124 Rev 1 | Jul 10, 2012 | DRAFT Guidelines for Managing and Securing Mobile Devices in the Enterprise draft_sp800-124-rev1.pdf |
SP 800-124 | Oct 2008 | Guidelines on Cell Phone and PDA Security SP800-124.pdf |
SP 800-123 | Jul 2008 | Guide to General Server Security SP800-123.pdf |
SP 800-122 | Apr. 2010 | Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) sp800-122.pdf |
SP 800-121 Rev. 1 | June 2012 | Guide to Bluetooth Security sp800-121_rev1.pdf |
SP 800-119 | Dec. 2010 | Guidelines for the Secure Deployment of IPv6 sp800-119.pdf |
SP 800-118 | Apr. 21, 2009 | DRAFT Guide to Enterprise Password Management draft-sp800-118.pdf |
SP 800-117 Rev. 1 | Jan. 6, 2012 | DRAFT Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.2 Draft-SP800-117-r1.pdf |
SP 800-117 | July 2010 | Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.0 sp800-117.pdf |
SP 800-115 | Sept 2008 | Technical Guide to Information Security Testing and Assessment SP800-115.pdf |
SP 800-114 | Nov 2007 | User's Guide to Securing External Devices for Telework and Remote Access SP800-114.pdf |
SP 800-113 | Jul 2008 | Guide to SSL VPNs SP800-113.pdf |
SP 800-111 | Nov 2007 | Guide to Storage Encryption Technologies for End User Devices SP800-111.pdf |
SP 800-107 Rev. 1 | Aug. 2012 | Recommendation for Applications Using Approved Hash Algorithms sp800-107-rev1.pdf |
SP 800-106 | Feb. 2009 | Randomized Hashing for Digital Signatures NIST-SP-800-106.pdf |
SP 800-102 | Sept. 2009 | Recommendation for Digital Signature Timeliness sp800-102.pdf |
SP 800-100 | Oct 2006 | Information Security Handbook: A Guide for Managers SP800-100-Mar07-2007.pdf |
SP 800-98 | Apr 2007 | Guidelines for Securing Radio Frequency Identification (RFID) Systems SP800-98_RFID-2007.pdf |
SP 800-97 | Feb 2007 | Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i SP800-97.pdf |
SP 800-95 | Aug 2007 | Guide to Secure Web Services SP800-95.pdf |
SP 800-90 C | Sept. 5, 2012 | DRAFT Recommendation for Random Bit Generator (RBG) Constructions draft-sp800-90c.pdf |
SP 800-90 B | Sept. 5, 2012 | DRAFT Recommendation for the Entropy Sources Used for Random Bit Generation draft-sp800-90b.pdf |
| | questions-about_draft-sp800-90b.pdf |
SP 800-90 A | Jan. 2012 | Recommendation for Random Number Generation Using Deterministic Random Bit Generators SP800-90A.pdf |
SP 800-89 | Nov 2006 | Recommendation for Obtaining Assurances for Digital Signature Applications SP-800-89_November2006.pdf |
SP 800-83 Rev. 1 | July 25, 2012 | DRAFT Guide to Malware Incident Prevention and Handling for Desktops and Laptops draft_sp800-83-rev1.pdf |
SP 800-83 | Nov 2005 | Guide to Malware Incident Prevention and Handling SP800-83.pdf |
SP 800-81 Rev. 1 | Apr. 2010 | Secure Domain Name System (DNS) Deployment Guide sp-800-81r1.pdf |
SP 800-78 -3 | Dec. 2010 | Cryptographic Algorithms and Key Sizes for Personal Identification Verification (PIV) sp800-78-3.pdf |
SP 800-77 | Dec 2005 | Guide to IPsec VPNs sp800-77.pdf |
SP 800-73 -3 | Feb. 2010 | Interfaces for Personal Identity Verification (4 Parts)
Pt. 1- End Point PIV Card Application Namespace, Data Model & Representation
Pt. 2- PIV Card Application Card Command Interface
Pt. 3- PIV Client Application Programming Interface
Pt. 4- The PIV Transitional Interfaces & Data Model Specification sp800-73-3_PART1_piv-card-applic-namespace-date-model-rep.pdf |
| | sp800-73-3_PART2_piv-card-applic-card-common-interface.pdf |
| | sp800-73-3_PART3_piv-client-applic-programming-interface.pdf |
| | sp800-73-3_PART4_piv-transitional-interface-data-model-spec.pdf |
SP 800-70 Rev. 2 | Feb. 2011 | National Checklist Program for IT Products: Guidelines for Checklist Users and Developers SP800-70-rev2.pdf |
SP 800-68 Rev. 1 | Oct. 2008 | Guide to Securing Microsoft Windows XP Systems for IT Professionals download_WinXP.html |
SP 800-67 Rev. 1 | Jan. 2012 | Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher SP-800-67-Rev1.pdf |
SP 800-66 Rev 1 | Oct 2008 | An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule SP-800-66-Revision1.pdf |
SP 800-58 | Jan 2005 | Security Considerations for Voice Over IP Systems SP800-58-final.pdf |
SP 800-57 Part 1 | Jul 2012 | Recommendation for Key Management: Part 1: General (Revision 3) sp800-57_part1_rev3_general.pdf |
SP 800-57 Part 2 | Aug 2005 | Recommendation for Key Management: Part 2: Best Practices for Key Management Organization SP800-57-Part2.pdf |
SP 800-57 Part 3 | Dec 2009 | Recommendation for Key Management, Part 3 Application-Specific Key Management Guidance sp800-57_PART3_key-management_Dec2009.pdf |
SP 800-56 B | Aug. 2009 | Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography sp800-56B.pdf |
SP 800-56 A | Mar 2007 | Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography SP800-56A_Revision1_Mar08-2007.pdf |
SP 800-56 A Rev | Aug 20, 2012 | DRAFT Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography
(Draft Revision) draft-sp-800-56a.pdf |
SP 800-54 | Jul 2007 | Border Gateway Protocol Security SP800-54.pdf |
SP 800-53 Rev. 4 | Feb. 5, 2013 | DRAFT Security and Privacy Controls for Federal Information Systems and Organizations (Final Public Draft) sp800_53_r4_draft_fpd.pdf |
| | sp800_53_r4_appendix_d_markup_draft2.pdf |
| | sp800_53_r4_appendix_f_markup_draft2.pdf |
| | sp800_53_r4_appendix_g_markup_draft2.pdf |
SP 800-53 Rev. 3 | Aug 2009 | Recommended Security Controls for Federal Information Systems and Organizations
(*Includes Updates as of May 1, 2010*) sp800-53-rev3-final_updated-errata_05-01-2010.pdf |
| | sp-800-53-rev3_database-beta.html |
| | 800-53-rev3_markup-final-public-draft-to-final-updated_may-01-2010.pdf |
| | 800-53-rev3_markup-rev2-to-rev3_updated-may-01-2010.pdf |
| | 800-53-rev3-Annex1_updated_may-01-2010.pdf |
| | 800-53-rev3-Annex2_updated_may-01-2010.pdf |
| | 800-53-rev3-Annex3_updated_may-01-2010.pdf |
| | SP_800-53_Rev-3_database-R1.4.1-BETA.zip |
SP 800-52 | Jun 2005 | Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations SP800-52.pdf |
SP 800-49 | Nov 2002 | Federal S/MIME V3 Client Profile sp800-49.pdf |
SP 800-48 Rev. 1 | Jul 2008 | Guide to Securing Legacy IEEE 802.11 Wireless Networks SP800-48r1.pdf |
SP 800-46 Rev. 1 | Jun. 2009 | Guide to Enterprise Telework and Remote Access Security sp800-46r1.pdf |
SP 800-45 Version 2 | Feb 2007 | Guidelines on Electronic Mail Security SP800-45v2.pdf |
SP 800-44 Version 2 | Sep 2007 | Guidelines on Securing Public Web Servers SP800-44v2.pdf |
SP 800-41 Rev. 1 | Sept. 2009 | Guidelines on Firewalls and Firewall Policy sp800-41-rev1.pdf |
SP 800-38 F | Dec. 2012 | Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping dx.doi.org/10.6028/NIST.SP.800-38F |
SP 800-38 A | Dec 2001 | Recommendation for Block Cipher Modes of Operation - Methods and Techniques sp800-38a.pdf |
SP 800-38 A - Addendum | Oct. 2010 | Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode addendum-to-nist_sp800-38A.pdf |
SP 800-38 B | May 2005 | Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication SP_800-38B.pdf |
| | Updated_CMAC_Examples.pdf |
SP 800-38 C | May 2004 | Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality SP800-38C_updated-July20_2007.pdf |
SP 800-38 D | Nov 2007 | Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC SP-800-38D.pdf |
SP 800-38 E | Jan. 2010 | Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices nist-sp-800-38E.pdf |
SP 800-36 | Oct 2003 | Guide to Selecting Information Technology Security Products NIST-SP800-36.pdf |
SP 800-32 | Feb 2001 | Introduction to Public Key Technology and the Federal PKI Infrastructure sp800-32.pdf |
SP 800-29 | Jun 2001 | A Comparison of the Security Requirements for Cryptographic Modules in FIPS 140-1 and FIPS 140-2 sp800-29.pdf |
SP 800-28 Version 2 | Mar 2008 | Guidelines on Active Content and Mobile Code SP800-28v2.pdf |
SP 800-25 | Oct 2000 | Federal Agency Use of Public Key Technology for Digital Signatures and Authentication sp800-25.pdf |
SP 800-22 Rev. 1a | Apr. 2010 | A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications SP800-22rev1a.pdf |
SP 800-21 2nd edition | Dec 2005 | Guideline for Implementing Cryptography in the Federal Government sp800-21-1_Dec2005.pdf |
SP 800-20 | Oct 1999 | Modes of Operation Validation System for the Triple Data Encryption Algorithm (TMOVS): Requirements and Procedures (*Includes updates as of March 2012*) 800-20.pdf |
SP 800-19 | Oct 1999 | Mobile Agent Security sp800-19.pdf |
SP 800-17 | Feb 1998 | Modes of Operation Validation System (MOVS): Requirements and Procedures 800-17.pdf |
SP 800-15 Version 1 | Jan 1998 | MISPC Minimum Interoperability Specification for PKI Components SP800-15.PDF |
SP 800-14 | Sep 1996 | Generally Accepted Principles and Practices for Securing Information Technology Systems 800-14.pdf |
SP 800-12 | Oct 1995 | An Introduction to Computer Security: The NIST Handbook handbook.pdf |
| | index.html |
NIST IR 7904 | Dec. 21, 2012 | DRAFT Trusted Geolocation in the Cloud: Proof of Concept Implementation draft_nistir_7904.pdf |
NIST IR 7848 | May 7, 2012 | DRAFT Specification for the Asset Summary Reporting Format 1.0 draft_nistir_7848.pdf |
NIST IR 7831 | Dec. 6, 2011 | DRAFT Common Remediation Enumeration (CRE) Version 1.0 Draft-NISTIR-7831.pdf |
NIST IR 7800 | Jan. 20, 2012 | DRAFT Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains Draft-NISTIR-7800.pdf |
NIST IR 7799 | Jan. 6, 2012 | DRAFT Continuous Monitoring Reference Model Workflow, Subsystem, and Interface Specifications Draft-NISTIR-7799.pdf |
NIST IR 7756 | Jan. 6, 2012 | DRAFT CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture Draft-NISTIR-7756_second-public-draft.pdf |
NIST IR 7676 | June 2010 | Maintaining and Using Key History on Personal Identity Verification (PIV) Cards nistir-7676.pdf |
NIST IR 7621 | Oct. 2009 | Small Business Information Security: The Fundamentals nistir-7621.pdf |
ITL October 2008 | Oct 2008 | Keeping Information Technology (It) System Servers Secure: A General Guide To Good Practices October2008-bulletin_800-123.pdf |
ITL July 2007 | Jul 2007 | Border Gateway Protocol Security - ITL Security Bulletin b-July-2007.pdf |
ITL May 2007 | May 2007 | Securing Radio Frequency Identification (RFID) Systems - ITL Security Bulletin b-May-2007.pdf |
ITL April 2007 | Apr 2007 | Securing Wireless Networks - ITL Security Bulletin b-April-07.pdf |
ITL March 2007 | Mar 2007 | Improving The Security Of Electronic Mail: Updated Guidelines Issued By NIST - ITL Security Bulletin b-03-07.pdf |
ITL January 2007 | Jan 2007 | Security Controls For Information Systems: Revised Guidelines Issued By NIST - ITL Security Bulletin b-01-07.pdf |
ITL November 2006 | Nov 2006 | Guide To Securing Computers Using Windows XP Home Edition - ITL Security Bulletin b-11-06.pdf |
ITL June 2006 | Jun 2006 | Domain Name System (DNS) Services: NIST Recommendations For Secure Deployment - ITL Security Bulletin b-06-06.pdf |
ITL May 2006 | May 2006 | An Update On Cryptographic Standards, Guidelines, And Testing Requirements - ITL Security Bulletin b-05-06.pdf |
ITL April 2006 | Apr 2006 | Protecting Sensitive Information Transmitted in Public Networks - ITL Security Bulletin b-04-06.pdf |
ITL March 2006 | Mar 2006 | Minimum Security Requirements For Federal Information And Information Systems: Federal Information Processing Standard (FIPS) 200 Approved By The Secretary Of Commerce - ITL Security Bulletin b-March-06.pdf |
ITL January 2006 | Jan 2006 | Testing And Validation Of Personal Identity Verification (PIV) Components And Subsystems For Conformance To Federal Information Processing Standard 201 - ITL Security Bulletin b-01-06.pdf |
ITL February 2000 | Feb 2000 | Guideline for Implementing Cryptography in the Federal Government - ITL Security Bulletin 02-00.pdf |