CINXE.COM

Multi-Party Threshold Cryptography | CSRC

<!DOCTYPE html> <html lang="en-us" xml:lang="en-us"> <head> <meta charset="utf-8" /> <title>Multi-Party Threshold Cryptography | CSRC</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <meta http-equiv="content-style-type" content="text/css" /> <meta http-equiv="content-script-type" content="text/javascript" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="msapplication-config" content="/CSRC/Media/images/favicons/browserconfig.xml" /> <meta name="theme-color" content="#000000" /> <meta name="google-site-verification" content="xbrnrVYDgLD-Bd64xHLCt4XsPXzUhQ-4lGMj4TdUUTA" /> <meta name="description" content="The multi-party paradigm of threshold cryptography enables threshold schemes, for a secure distribution of trust in the operation of cryptographic primitives. 2024: NIST IR 8214B (on Threshold EdDSA) and&#160;NIST IR 8214C (with the Threshold Call) are being..." /> <!-- dcterms meta information --> <meta name="dcterms.title" content="Multi-Party Threshold Cryptography | CSRC | CSRC" /> <meta name="dcterms.description" content="The multi-party paradigm of threshold cryptography enables threshold schemes, for a secure distribution of trust in the operation of cryptographic primitives. 2024: NIST IR 8214B (on Threshold EdDSA) and&#160;NIST IR 8214C (with the Threshold Call) are being..." /> <meta name="dcterms.creator" content="Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, U.S. Department of Commerce" /> <meta name="dcterms.date.created" scheme="ISO8601" content="2018-07-26" /> <meta name="dcterms.date.reviewed" scheme="ISO8601" content="2024-11-21" /> <meta name="dcterms.language" scheme="DCTERMS.RFC1766" content="EN-US" /> <!-- Facebook OpenGraph Tags --> <meta name="og:site_name" content="CSRC | NIST" /> <meta name="og:type" content="article" /> <meta name="og:url" content="https://csrc.nist.gov/Projects/threshold-cryptography" /> <meta name="og:title" content="Multi-Party Threshold Cryptography | CSRC | CSRC" /> <meta name="og:description" content="The multi-party paradigm of threshold cryptography enables threshold schemes, for a secure distribution of trust in the operation of cryptographic primitives. 2024: NIST IR 8214B (on Threshold EdDSA) and&#160;NIST IR 8214C (with the Threshold Call) are being revised. Threshold Call: A 2nd public draft (2pd) of IR 8214C will be published, some time after gauging opinions in the MPTC-forum about planned changes compared to the initial public draft (ipd). Threshold EdDSA: The final version of IR 8214B will integrate notes about related protocol approaches published since the initial public draft (ipd). The NIST Threshold Call What are Threshold Schemes The multi-party threshold paradigm Using a “secret sharing” mechanism, the secret key is split across multiple &#39;parties&#39;. Then, if some (up to a threshold f out of n) of these parties are corrupted, the key secrecy remains uncompromised. The cryptographic operation that depends on the key is then performed via a threshold scheme, using secure..." /> <meta name="article:tag" content="digital signatures; encryption; key management; message authentication; post-quantum cryptography; secure hashing; standards development" /> <meta name="article:published_time" content="2018-07-26" /> <meta name="article:modified_time" content="2024-11-21" /> <link rel="apple-touch-icon" sizes="180x180" href="/images/icons/apple-touch-icon.png" /> <link rel="icon" type="image/png" href="/images/icons/favicon-32x32.png" sizes="32x32" /> <link rel="icon" type="image/png" href="/images/icons/favicon-16x16.png" sizes="16x16" /> <link rel="manifest" href="/images/icons/manifest.json" /> <link rel="mask-icon" href="/images/icons/safari-pinned-tab.svg" color="#000000" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="shortcut icon" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="icon" /> <link href="/dist/app.css" rel="stylesheet" /> <!-- Highlight.js --> <link href="/dist/highlight-js/github.css" rel="stylesheet" /> <!-- USWDS Top --> <link href="/dist/uswds/css/uswds.css" type="text/css" rel="stylesheet" /> <script type="text/javascript" src="/dist/uswds/js/uswds-init.min.js"></script> <!-- reCAPTCHA v3 --> <style> .grecaptcha-badge { visibility: hidden; } </style> <script async type="text/javascript" id="_fed_an_ua_tag" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=nist&subagency=csrc&pua=UA-66610693-15&yt=true&exts=xsd,xml,wav,mpg,mpeg,avi,rtf,webm,ogg,ogv,oga,map,otf,eot,svg,ttf,woff"></script> <style id="antiClickjackCss"> body > * { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body > * { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjackCss"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-TSQ0PLGJZP"></script> <script>   window.dataLayer = window.dataLayer || [];   function gtag(){dataLayer.push(arguments);}   gtag('js', new Date());   gtag('config', 'G-TSQ0PLGJZP'); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-MZQC4NCJ');</script> <!-- End Google Tag Manager --> </head> <body> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-MZQC4NCJ" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <div id="antiClickjack" style="display: none;"> <strong style="font-size: 1.6rem;">You are viewing this page in an unauthorized frame window.</strong> <p>This is a potential security issue, you are being redirected to <a href="https://csrc.nist.gov">https://csrc.nist.gov</a>.</p> </div> <section class="usa-banner" aria-label="Official website of the United States government"> <div class="usa-accordion"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <div class="usa-banner__inner"> <div class="grid-col-auto"> <img aria-hidden="true" class="usa-banner__header-flag" src="/dist/uswds/img/us_flag_small.png" alt=""/> </div> <div class="grid-col-fill tablet:grid-col-auto" aria-hidden="true"> <p class="usa-banner__header-text"> An official website of the United States government </p> <p class="usa-banner__header-action">Here’s how you know</p> </div> <button type="button" class="usa-accordion__button usa-banner__button" aria-expanded="false" aria-controls="gov-banner-default"> <span class="usa-banner__button-text">Here’s how you know</span> </button> </div> </header> <div class="usa-banner__content usa-accordion__content" id="gov-banner-default"> <div class="grid-row grid-gap-lg"> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-dot-gov.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Official websites use .gov</strong><br/>A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-https.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Secure .gov websites use HTTPS</strong><br/>A <strong>lock</strong> ( <span class="icon-lock"> <svg xmlns="http://www.w3.org/2000/svg" width="52" height="64" viewBox="0 0 52 64" class="usa-banner__lock-image" role="img" aria-labelledby="banner-lock-description-default" focusable="false"> <title id="banner-lock-title-default">Lock</title> <desc id="banner-lock-description-default">Locked padlock icon</desc> <path fill="#000000" fill-rule="evenodd" d="M26 0c10.493 0 19 8.507 19 19v9h3a4 4 0 0 1 4 4v28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V32a4 4 0 0 1 4-4h3v-9C7 8.507 15.507 0 26 0zm0 8c-5.979 0-10.843 4.77-10.996 10.712L15 19v9h22v-9c0-6.075-4.925-11-11-11z"/> </svg> </span >) or <strong>https://</strong> means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </section> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row"> <!-- Brand --> <div class="col-xs-6 col-md-4 navbar-header"> <a class="navbar-brand" href="https://www.nist.gov" target="_blank" id="navbar-brand-image"> <img src="/CSRC/media/images/svg/nist-logo.svg" alt="National Institute of Standards and Technology" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <div class="form-inline hidden-sm hidden-xs"> <form name="site-search" id="site-search-form" action="/search" method="GET"> <label for="search-csrc-query" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <input type="hidden" name="ipp" value="25" /> <input type="hidden" name="sortBy" value="relevance" /> <input type="hidden" name="showOnly" value="publications,projects,news,events,presentations,glossary,topics" /> <input type="hidden" name="topicsMatch" value="ANY" /> <input type="hidden" name="status" value="Final,Draft" /> <button type="submit" id="search-csrc-submit-btn" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <span id="nvd-menu-button" class="pull-right"> <a href="#" id="nvd-menu-button-link"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text">CSRC MENU</span> </a> </span> </div> </div> </div> <div class="form-inline hidden-md hidden-lg"> <form name="site-search-mobile" id="site-search-form-mobile" action="/search" method="GET"> <label for="search-csrc-query-mobile" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query-mobile" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <button type="submit" id="search-csrc-submit-btn-mobile" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <div class="main-menu-row container"> <!-- Collect the nav links, forms, and other content for toggling --> <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/projects">Projects</a></li> <li> <a href="/publications"> Publications <span class="expander fa fa-plus" id="main-menu-pubs-expander" data-expander-name="publications" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="publications" id="main-menu-pubs-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/publications/drafts-open-for-comment">Drafts for Public Comment</a></p> <p><a href="/publications/draft-pubs">All Public Drafts</a></p> <p><a href="/publications/final-pubs">Final Pubs</a></p> <p><a href="/publications/fips">FIPS <small>(standards)</small></a></p> </div> <div class="col-lg-4"> <p><a href="/publications/sp">Special Publications (SP<small>s</small>)</a></p> <p><a href="/publications/ir">IR <small>(interagency/internal reports)</small></a></p> <p><a href="/publications/cswp">CSWP <small>(cybersecurity white papers)</small></a></p> <p><a href="/publications/itl-bulletin">ITL Bulletins</a></p> </div> <div class="col-lg-4"> <p><a href="/publications/project-description">Project Descriptions</a></p> <p><a href="/publications/journal-article">Journal Articles</a></p> <p><a href="/publications/conference-paper">Conference Papers</a></p> <p><a href="/publications/book">Books</a></p> </div> </div> </div> </li> <li> <a href="/topics"> Topics <span class="expander fa fa-plus" id="main-menu-topics-expander" data-expander-name="topics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="topics" id="main-menu-topics-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/Topics/Security-and-Privacy">Security & Privacy</a></p> <p><a href="/Topics/Applications">Applications</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Technologies">Technologies</a></p> <p><a href="/Topics/Sectors">Sectors</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Laws-and-Regulations">Laws & Regulations</a></p> <p><a href="/Topics/Activities-and-Products">Activities & Products</a></p> </div> </div> </div> </li> <li><a href="/news">News & Updates</a></li> <li><a href="/events">Events</a></li> <li><a href="/glossary">Glossary</a></li> <li> <a href="/about"> About CSRC <span class="expander fa fa-plus" id="main-menu-about-expander" data-expander-name="about" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="about" id="main-menu-about-expanded"> <div class="row"> <div class="col-lg-6"> <p> <strong><a href="/Groups/Computer-Security-Division">Computer Security Division</a></strong><br /> <ul> <li><a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a></li> <li><a href="/Groups/Computer-Security-Division/Secure-Systems-and-Applications">Secure Systems and Applications</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Components-and-Mechanisms">Security Components and Mechanisms</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Engineering-and-Risk-Management">Security Engineering and Risk Management</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Testing-Validation-and-Measurement">Security Testing, Validation, and Measurement</a></li> </ul> </p> </div> <div class="col-lg-6"> <p> <strong><a href="/Groups/Applied-Cybersecurity-Division">Applied Cybersecurity Division</a></strong><br /> <ul> <li><a href="/Groups/Applied-Cybersecurity-Division/Cybersecurity-and-Privacy-Applications">Cybersecurity and Privacy Applications</a></li> <li><a href="/Groups/Applied-Cybersecurity-Division/National-Cybersecurity-Center-of-Excellence">National Cybersecurity Center of Excellence (NCCoE)</a></li> <li><a href="https://www.nist.gov/nice/">National Initiative for Cybersecurity Education (NICE)</a></li> </ul> </p> <p> <a href="/contact"> Contact Us </a> </p> </div> </div> </div> </li> </ul> </div><!-- /#mobile-nav-container --> </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <div class="hidden-xs hidden-sm" id="itl-header-lg"> <a href="https://www.nist.gov/itl" target="_blank" id="itl-header-link">Information Technology Laboratory</a> </div> <div class="hidden-xs hidden-sm" id="csrc-header-lg"> <a href="/" id="csrc-header-link-lg">Computer Security Resource Center</a> </div> </div> <div class="col-sm-12 col-md-4"> <div class="hidden-xs hidden-sm hidden-md"> <a id="logo-csrc-lg" href="/"><img id="img-logo-csrc-lg" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> <div class="hidden-lg"> <a id="logo-csrc-sm" href="/"><img id="img-logo-csrc-sm" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> </div> </div> </div> </section> <div id="body-section" class="container"> <div class="breadcrumb"> <a href="/projects" class="breadcrumb-link">Projects</a> </div> <h1 id="projectName">Multi-Party Threshold Cryptography <small id="project-acronym">MPTC</small></h1> <div class="page-social-buttons" id=&quot;news-social-buttons&quot;> <a href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fthreshold-cryptography" class="social-facebook"><i class="fa fa-facebook fa-fw" aria-hidden="true"></i><span class="sr-only">Share to Facebook</span></a> <a href="https://twitter.com/share?url=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fthreshold-cryptography" class="social-twitter"><i class="fa fa-twitter fa-fw" aria-hidden="true"></i><span class="sr-only">Share to Twitter</span></a> <a href="https://www.linkedin.com/shareArticle?mini=true&amp;url=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fthreshold-cryptography&amp;source=csrc.nist.gov" class="social-linked-in"><i class="fa fa-linkedin fa-fw" aria-hidden="true"></i><span class="sr-only">Share to LinkedIn</span></a> <a href="mailto:?subject=csrc.nist.gov&amp;body=Check out this site https://csrc.nist.gov/Projects/threshold-cryptography" class="social-email"><i class="fa fa-envelope fa-fw" aria-hidden="true"></i><span class="sr-only">Share ia Email</span></a> </div> <div class="row visible-sm visible-xs visible-md"> <div class="col-sm-12"> <div class="bs-callout bs-callout-subnav" id="projectLinksContainer-sm"> <h4><i class="fa fa-link"></i> Project Links</h4> <div class="project-icons-container"> <span> <a href="/projects/threshold-cryptography" id="NavOverviewLink-sm"> <i class="fa fa-info-circle"></i> Overview </a> </span> <span> <a href="/Projects/threshold-cryptography/news" id="NavNewsLink-sm" data-count="6"> <i class="fa fa-newspaper-o"></i> News &amp; Updates </a> </span> <span> <a href="/Projects/threshold-cryptography/events" id="NavEventsLink-sm" data-count="3"> <i class="fa fa-calendar-o"></i> Events </a> </span> <span> <a href="/Projects/threshold-cryptography/publications" id="NavPubsLink-sm" data-count="7"> <i class="fa fa-file-text"></i> Publications </a> </span> <span> <a href="/Projects/threshold-cryptography/presentations" id="NavPresLink-sm" data-count="22"> <i class="fa fa-desktop"></i> Presentations </a> </span> </div> </div> </div> </div> <div class="row"> <div class="col-lg-8 col-sm-12"> <h3>Overview</h3> <div id="overview"> <p>The multi-party paradigm of threshold cryptography enables <strong>threshold schemes</strong>, for a secure distribution of trust in the operation of cryptographic primitives.</p> <div class="alert alert-success" role="alert"><strong>2024:</strong> <strong><a href="https://csrc.nist.gov/pubs/ir/8214/b/ipd">NIST IR 8214B </a></strong>(on Threshold EdDSA) and&nbsp;<strong><a href="https://csrc.nist.gov/pubs/ir/8214/c/ipd">NIST IR 8214C</a></strong> (with the Threshold Call) are being revised. <ul> <li><strong>Threshold Call:</strong> A 2nd public draft (2pd) of IR 8214C will be published, some time after gauging opinions in the MPTC-forum about planned changes compared to the initial public draft (ipd).</li> <li><strong>Threshold EdDSA:</strong> The final version of IR 8214B will integrate notes about related protocol approaches published since the initial public draft (ipd).</li> </ul> </div> <hr> <h2><strong>The NIST Threshold Call</strong></h2> <div aria-multiselectable="true" class="panel-group" id="collapse1727345987035" role="tablist"> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345987035_0" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345987035_0" aria-expanded="false" class="collapsed" data-parent="#collapse1727345987035" data-target="#collapse1727345987035_0" data-toggle="collapse" href="javascript:void(0)">What are Threshold Schemes </a></div> </div> <div aria-labelledby="heading1727345987035_0" class="collapse panel-collapse" id="collapse1727345987035_0" role="tabpanel"> <div class="panel-body"> <h4><strong>The multi-party threshold paradigm</strong></h4> <p>Using a “secret sharing” mechanism, the secret key is split across multiple "parties". Then, if some (up to a <strong>threshold</strong> <em>f</em> out of <em>n</em>) of these parties are corrupted, the key secrecy remains uncompromised. The cryptographic operation that depends on the key is then performed via a <strong>threshold scheme</strong>, using secure multi-party computation (MPC), so that the key does not have to be reconstructed (i.e., the secret-sharing remains in place even during the computation). This threshold approach can be used to distribute trust across various operators, and is also useful to avoid various single-points of failure in the implementation.</p> <h4><strong>Which cryptographic primitives can be thresholdized?</strong></h4> <p><strong>Threshold schemes</strong> can be applied to any cryptographic primitive, such as key generation, signing, encryption and decryption. The MPTC project will consider devising recommendations and guidelines pertinent to threshold schemes that are <strong>interchangeable</strong> (in the sense of NISTIR 8214A, <a href="https://doi.org/10.6028/NIST.IR.8214A#subsection.2.4">Section 2.4</a>) with selected primitives of interest. For example, a threshold-produced signature should be verifiable by the verification algorithm that is used for signatures produced by the conventional (non-threshold) algorithm.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345987035_1" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345987035_1" aria-expanded="false" class="collapsed" data-parent="#collapse1727345987035" data-target="#collapse1727345987035_1" data-toggle="collapse" href="javascript:void(0)">NIST Threshold Call Intro </a></div> </div> <div aria-labelledby="heading1727345987035_1" class="collapse panel-collapse" id="collapse1727345987035_1" role="tabpanel"> <div class="panel-body"> <p><a href="https://doi.org/10.6028/NIST.IR.8214C.ipd">NISTIR 8214C ipd</a>&nbsp;— <strong>NIST First Call for multi-party threshold schemes</strong> (initial public draft)&nbsp;— was published on 2023-Jan-25. This is the draft of a call that motivates the community of expert stakeholders to submit proposals of threshold schemes (including technical specification, security analysis, open-source reference implementation, performance evaluation) for primitives in two categories:</p> <ul> <li><strong>Cat1: selected NIST-specified primitives</strong> (see Table 1).</li> <li><strong>Cat2: other primitives not specified by NIST</strong> (see Table 2).</li> </ul> <p>As detailed in the <a href="https://csrc.nist.gov/pubs/ir/8214/c/ipd">publication page</a>, a formal period of public comments was open until 2023-April-10 (the compilation was <a href="https://csrc.nist.gov/files/pubs/ir/8214/c/ipd/docs/nistir-8214c-ipd-public-feedback.pdf">published here</a>). Furthermore, in September 26–28, 2023, NIST organized <a href="https://csrc.nist.gov/Events/2023/mpts2023">MPTS 2023</a>, a workshop focused on the topics of the Threshold Call. The upcoming revision of <a href="https://csrc.nist.gov/pubs/ir/8214/c/ipd">NISTIR 8214C ipd</a> will make several adjustments, including the scope of several subcategories:</p> <ul> <li>C1.1 and C.1.2: will include some primitives of the <a href="https://csrc.nist.gov/projects/post-quantum-cryptography/selected-algorithms-2022">schemes selected by the NIST-PQC process</a>.</li> <li>C1.4: will include some lightweight cryptography primitives to be specified by the NIST <a href="https://csrc.nist.gov/projects/lightweight-cryptography">LWC project</a>.</li> <li>C2.6: will narrow the scope, becoming focused on FHE.</li> </ul> <p>Once the final call is published and concrete threshold schemes are submitted, the collected reference material will be analyzed and the conclusions will support the future development of recommendations and guidelines.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345987035_2" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345987035_2" aria-expanded="false" class="collapsed" data-parent="#collapse1727345987035" data-target="#collapse1727345987035_2" data-toggle="collapse" href="javascript:void(0)">Category 1 Primitives </a></div> </div> <div aria-labelledby="heading1727345987035_2" class="collapse panel-collapse" id="collapse1727345987035_2" role="tabpanel"> <div class="panel-body"> <p><strong>Table 1. Subcategories of interest in Cat1</strong></p> <table align="left" class="table table-condensed table-striped"> <thead> <tr> <th><strong>Subcategory: Type</strong></th> <th><strong>Families of specifications</strong></th> <th><strong>Section (in the call)</strong></th> </tr> </thead> <tbody> <tr> <td>C1.1: Signing</td> <td> <p>[PreQ] <a href="https://csrc.nist.gov/pubs/fips/186-5/final">EdDSA</a> sign; <a href="https://csrc.nist.gov/pubs/fips/186-5/final">ECDSA</a> sign; <a href="https://csrc.nist.gov/pubs/fips/186-5/final">RSADSA</a> sign</p> <p>[QR stateless] <a href="https://csrc.nist.gov/pubs/fips/204/ipd">ML-DSA</a> sign; <a href="https://csrc.nist.gov/pubs/fips/205/ipd">SLH-DSA</a> sign; Falcon (to appear) sign</p> <p>[QR stateful]: <a href="https://csrc.nist.gov/pubs/sp/800/208/final">XMSS</a> sign; <a href="https://csrc.nist.gov/pubs/sp/800/208/final">LMS</a> sign</p> </td> <td>A.1</td> </tr> <tr> <td>C1.2: PKE</td> <td> <p>[PreQ] <a href="https://csrc.nist.gov/pubs/sp/800/56/b/r2/final">RSA</a> encryption &amp; decryption</p> <p>[QR] <a href="https://csrc.nist.gov/pubs/fips/203/ipd">ML-KEM</a> encryption &amp; decryption</p> </td> <td>A.2</td> </tr> <tr> <td>C1.3: 2KA</td> <td><a href="https://csrc.nist.gov/pubs/sp/800/56/a/r3/final">ECC-CDH </a>&amp; <a href="https://csrc.nist.gov/pubs/sp/800/56/a/r3/final">ECC-MQV</a> primitives</td> <td>A.3</td> </tr> <tr> <td>C1.4: Symmetric</td> <td> <p>Key-based: <a href="https://csrc.nist.gov/pubs/fips/197/final">AES</a> (blockcipher) &amp; <a href="https://csrc.nist.gov/pubs/ir/8454/final">ASCON</a> (AEAD) encipher and decipher; <a href="https://csrc.nist.gov/pubs/sp/800/38/b/final">C</a>/<a href="https://csrc.nist.gov/pubs/fips/198-1/final">H</a>/<a href="https://csrc.nist.gov/pubs/sp/800/185/final">K</a>-MAC</p> <p>Key-less: <a href="https://csrc.nist.gov/pubs/fips/180-4/upd1/final">SHA2</a> &amp; <a href="https://csrc.nist.gov/pubs/fips/202/final">SHA3</a> hash; <a href="http://csrc.nist.gov/pubs/fips/202/final">Keccak</a> &amp; <a href="http://csrc.nist.gov/pubs/ir/8454/final">ASCON</a> XOF</p> </td> <td>A.4</td> </tr> <tr> <td>C1.5: Keygen (aka DKG)</td> <td> <p>ECC keygen; RSA keygen; bitstring keygen</p> <p>QR keygen for ML, SLH, Falcon, and stateful-HBS</p> </td> <td>A.5</td> </tr> </tbody> </table> <p><strong>Legend</strong><strong>:</strong> 2KA = <strong>pair</strong>-wise <strong>k</strong>ey-<strong>a</strong>greement; AES = <strong>A</strong>dvanced <strong>E</strong>ncryption <strong>S</strong>tandard; CDH = <strong>C</strong>ofactor <strong>D</strong>iffie-<strong>H</strong>ellman; DKG = <strong>D</strong>istributed <strong>k</strong>ey-<strong>g</strong>eneration. ECC = <strong>E</strong>lliptic-<strong>c</strong>urve <strong>c</strong>ryptography; ECDSA = <strong>E</strong>lliptic-<strong>c</strong>urve <strong>D</strong>igital <strong>S</strong>ignature <strong>A</strong>lgorithm; EdDSA = <strong>Ed</strong>wards-Curve <strong>D</strong>igital <strong>S</strong>ignature <strong>A</strong>lgorithm; KC = <strong>K</strong>ey <strong>c</strong>onfirmation; KDM = <strong>K</strong>ey <strong>d</strong>erivation <strong>m</strong>echanism; Keygen = <strong>Key</strong>-<strong>gen</strong>eration; ML = <strong>M</strong>odule <strong>L</strong>attice (based). MQV = <strong>M</strong>enezes-<strong>Q</strong>u-<strong>V</strong>anstone; PKE = <strong>P</strong>ublic-<strong>k</strong>ey <strong>e</strong>ncryption; PQC = <strong>P</strong>ost-<strong>Q</strong>uantum <strong>C</strong>ryptography. PreQ = <strong>pre</strong>-<strong>q</strong>uantum; QR = <strong>q</strong>uantum <strong>r</strong>esistant; RSA = <strong>R</strong>ivest-<strong>S</strong>hamir-<strong>A</strong>dleman; RSADSA = RSA <strong>d</strong>igital <strong>s</strong>ignature <strong>a</strong>lgorithm; stfl-HBS = <strong>st</strong>ate<strong>f</strong>u<strong>l</strong> <strong>h</strong>ash-<strong>b</strong>ased <strong>s</strong>ignatures.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345987035_3" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345987035_3" aria-expanded="false" class="collapsed" data-parent="#collapse1727345987035" data-target="#collapse1727345987035_3" data-toggle="collapse" href="javascript:void(0)">Category 2 Primitives </a></div> </div> <div aria-labelledby="heading1727345987035_3" class="collapse panel-collapse" id="collapse1727345987035_3" role="tabpanel"> <div class="panel-body"> <p><strong>Table 2. Subcategories and examples of primitives in Cat2</strong></p> <table class="table table-condensed table-striped"> <thead> <tr> <th>Subcategory: Type</th> <th>Example scheme</th> <th><strong>Example primitive</strong></th> </tr> </thead> <tbody> <tr> <td>C2.1: Signing</td> <td>TF succinct &amp; verifiable-deterministic signatures</td> <td>Sign</td> </tr> <tr> <td>&nbsp;</td> <td>TF-QR signatures</td> <td>Sign</td> </tr> <tr> <td>C2.2: PKE</td> <td>TF-QR <strong>p</strong>ublic-<strong>k</strong>ey <strong>e</strong>ncryption (PKE)</td> <td>Decrypt; encrypt (a secret value)</td> </tr> <tr> <td>C2.3: KA</td> <td>Low-round multi-party <strong>k</strong>ey-<strong>a</strong>greement (KA)</td> <td>Single-party primitives</td> </tr> <tr> <td>C2.4: Symmetric</td> <td>TF PRP (e.g., blockcipher) or PRF (e.g., for MAC or key-derivation)</td> <td>Encipher, decipher, MAC</td> </tr> <tr> <td>&nbsp;</td> <td>Hash or XOF</td> <td>Hash function, XOF</td> </tr> <tr> <td>C2.5: Keygen</td> <td>Any of the above or below</td> <td>Keygen</td> </tr> <tr> <td>C2.6: FHE</td> <td>QR <strong>F</strong>ully-<strong>h</strong>omomorphic <strong>e</strong>ncryption (FHE)</td> <td>Decryption; keygens</td> </tr> <tr> <td>C2.7: ZKPoK</td> <td>ZKPoK of private key</td> <td>ZKPoK.Generate</td> </tr> <tr> <td>C2.8: Gadgets</td> <td><strong>G</strong>arbled <strong>c</strong>ircuit (GC)</td> <td>GC.generate; GC.evaluate</td> </tr> </tbody> </table> <p>TF-QR is a desired combination for any type of scheme; some examples show just TF to convey that it is welcome even if not QR.</p> <p><strong>Legend:</strong>&nbsp; 2KE = pair-wise <strong>k</strong>ey-<strong>e</strong>stablishment; Keygen = <strong>key</strong>-<strong>gen</strong>eration; PKE = <strong>P</strong>ublic-<strong>k</strong>ey <strong>e</strong>ncryption; PRF = <strong>p</strong>seudo<strong>r</strong>andom <strong>f</strong>unction (family); PRP = <strong>p</strong>seudo<strong>r</strong>andom <strong>p</strong>ermutation (family); QR = <strong>q</strong>uantum <strong>r</strong>esistant; TF = <strong>t</strong>hreshold <strong>f</strong>riendly; ZKPoK = <strong>Z</strong>ero-<strong>k</strong>nowledge <strong>p</strong>roof <strong>o</strong>f <strong>k</strong>nowledge.</p> <p>Note: the initial public draft had "C2.6 = Advanced" (inc. FHE, IBE and ABE), but the 2pd will narrow it down to just FHE.</p> </div> </div> </div> </div> <h2><strong>Project Progress and Milestones</strong></h2> <div aria-multiselectable="true" class="panel-group" id="collapse1727345907910" role="tablist"> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345907910_1" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345907910_1" aria-expanded="false" class="collapsed" data-parent="#collapse1727345907910" data-target="#collapse1727345907910_1" data-toggle="collapse" href="javascript:void(0)">Useful Links </a></div> </div> <div aria-labelledby="heading1727345907910_1" class="collapse panel-collapse" id="collapse1727345907910_1" role="tabpanel"> <div class="panel-body"> <p><strong>Documents:</strong></p> <ul> <li>2023-Jan: <a href="https://csrc.nist.gov/pubs/ir/8214/c/ipd">NISTIR 8214C ipd</a> (initial public draft): "<em>NIST First Call for Multi-Party Threshold Schemes</em>"; see also the <a href="/csrc/media/pubs/ir/8214/c/ipd/docs/nistir-8214c-ipd-public-feedback.pdf">received feedback</a>.</li> <li>2022-Aug: <a href="https://csrc.nist.gov/pubs/ir/8214/b/ipd">NISTIR 8214B ipd </a>(initial public draft): "<em>Notes on Threshold EdDSA/Schnorr Signatures</em>" <a href="https://csrc.nist.gov/publications/detail/nistir/8214b/draft">(on EdDSA)</a>; see also the <a href="https://csrc.nist.gov/csrc/media/Publications/nistir/8214b/draft/documents/NISTIR-8214B-ipd-public-feedback.pdf">received feedback</a></li> <li>2021-Jun: <a href="/csrc/media/Projects/threshold-cryptography/documents/MPTC-call2021a-feedback.pdf"> Call 2021a</a>; see also the <a href="/csrc/media/Projects/threshold-cryptography/documents/MPTC-Call2021a-Feedback-compilation.pdf">received feedback</a></li> <li>2020-July: <a href="https://csrc.nist.gov/pubs/ir/8214/a/final">NISTIR 8214A</a>; see also the <a href="https://csrc.nist.gov/CSRC/media/Publications/nistir/8214a/final/documents/nistir-8214a-diff-comments-received.pdf">diff and feedback</a> to/about <a href="https://csrc.nist.gov/pubs/ir/8214/a/ipd">Draft NISTIR 8214A</a> (2019-Nov)</li> <li>2019-Mar: <a href="https://csrc.nist.gov/pubs/ir/8214/final">NISTIR 8214</a>; see also the <a href="https://csrc.nist.gov/CSRC/media/Publications/nistir/8214/final/documents/nistir-8214-diff-comments-received.pdf">diff and feedback</a>&nbsp;to/about&nbsp; <a href="https://csrc.nist.gov/pubs/ir/8214/ipd">Draft NISTIR 8214</a> (2018-Jul)</li> </ul> <p><strong>Presentations:</strong></p> <ul> <li>2023-Sep: presentations at the <a href="https://csrc.nist.gov/events/2023/mpts2023">MPTS 2023</a> workshop</li> <li>2020-Nov: presentations at the <a href="https://csrc.nist.gov/events/2020/mpts2020">MPTS 2020</a> workshop</li> <li>2019-Mar: presentations at the <a href="https://csrc.nist.gov/Events/2019/NTCW19">NTCW’19</a> workshop</li> <li><a href="https://csrc.nist.gov/projects/threshold-cryptography/presentations">Various project-related presentations</a></li> <li>Some <a href="https://csrc.nist.gov/Projects/crypto-reading-club">crypto-reading-club</a> presentations of interest: <a href="https://csrc.nist.gov/presentations/2021/lhe-from-class-groups-of-quadratic-fields">2021-06-16</a> (zk-SNARKs), <a href="https://csrc.nist.gov/Presentations/2022/crclub-2022-08-10">2022-08-10</a> (Threshold EdDSA), <a href="https://csrc.nist.gov/Presentations/2022/crclub-2022-09-07">2022-09-07</a> (ROS insecurity), <a href="https://csrc.nist.gov/presentations/2022/crclub-2022-11-02">2022-Nov-02</a> (adaptive security), <a href="https://csrc.nist.gov/Presentations/2023/crclub-2023-06-14">2023-Jun-14</a> (MPC/FHE/ZKP friendly primitives)</li> </ul> <p>Note: The old "<strong>single-device</strong> track" about masked circuits for block-ciphers has become a <a href="https://csrc.nist.gov/projects/masked-circuits">separate project</a>.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345907910_2" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345907910_2" aria-expanded="false" class="collapsed" data-parent="#collapse1727345907910" data-target="#collapse1727345907910_2" data-toggle="collapse" href="javascript:void(0)">NIST Threshold Workshops </a></div> </div> <div aria-labelledby="heading1727345907910_2" class="collapse panel-collapse" id="collapse1727345907910_2" role="tabpanel"> <div class="panel-body"> <p>Each NIST-organized workshop has a dedicated webpage with detailed information. These events are also listed in the "<a href="https://csrc.nist.gov/projects/threshold-cryptography/events">Events</a>" page associated with the MPTC project.</p> <ul> <li><strong>September 26–28, 2023:</strong> NIST Workshop on <a href="https://csrc.nist.gov/events/2020/mpts2020">Multi-Party Threshold Schemes</a> (MPTS) 2023 <ul> <li>Held virtually, including 26 external talks, 1 open session of comments, 4 talks on NIST activities, 3 internal notes about the Threshold Call, 1 opening and 1 closing session.</li> <li>The presentations Obtained feedback about the NIST First Call for Multi-Party Threshold Schemes.</li> <li>There was a <a href="/csrc/media/events/2023/mpts2023/documents/MPTS2023-Workshop-Call-for-Abstracts.pdf">call for presentation abstracts</a>, with a deadline of 2023-Sep-05<strong>.</strong></li> </ul> </li> <li><strong>November 4</strong>–<strong>6, 2020:</strong> <a href="https://csrc.nist.gov/events/2020/mpts2020">NIST Workshop on Multi-Party Threshold Schemes</a> (MPTS) 2020 <ul> <li>Held virtually, including 17 invited talks and 11 accepted briefs.</li> <li>The presentations provided feedback toward criteria for multi-party threshold schemes.</li> <li>The <a href="/CSRC/media//Events/mpts2020/documents/workshop-MPTS2020-announce.pdf">workshop announcement</a> informed a deadline for submissions by 2020-Sep-30.</li> </ul> </li> <li><strong>March 11</strong>–<strong>12, 2019:</strong> <a href="https://csrc.nist.gov/Events/2019/NTCW19">NIST Threshold Cryptography Workshop (NTCW) 2019</a> <ul> <li>Held in person, at the NIST campus in Gaithersburg Maryland, USA</li> <li>Participants: with experts from industry, academia, and government.</li> <li>The submission deadline was December 17, 2018.</li> <li>Note: this workshop relates to an older exploratory phase, whose scope included multi-party threshold schemes and single-party masked implementations</li> </ul> </li> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345907910_3" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345907910_3" aria-expanded="false" class="collapsed" data-parent="#collapse1727345907910" data-target="#collapse1727345907910_3" data-toggle="collapse" href="javascript:void(0)">Reports in the NISTIR series </a></div> </div> <div aria-labelledby="heading1727345907910_3" class="collapse panel-collapse" id="collapse1727345907910_3" role="tabpanel"> <div class="panel-body"> <ul> </ul> <p><strong>NIST Internal Reports (NISTIR):</strong></p> <p>So far, the main publications in the project are in the form of NIST Internal Reports (NISTIR), elaborated internally at NIST and made publicly available for comments and consultation.</p> <ul> <li><strong><a href="https://csrc.nist.gov/publications/detail/nistir/8214c/draft">NIST IR 8214C ipd:</a></strong><em><a href="https://csrc.nist.gov/publications/detail/nistir/8214c/draft">&nbsp;</a>NIST First Call for Multi-Party Threshold Schemes</em><strong><a href="https://csrc.nist.gov/publications/detail/nistir/8214c/draft"> </a></strong> <ul> <li><strong>Final version:</strong> expected in the third quarter of 2023</li> <li><strong><a href="/csrc/media/pubs/ir/8214/c/ipd/docs/nistir-8214c-ipd-public-feedback.pdf">Public comments</a>:</strong>&nbsp;The initial public draft announced a period of public comments until 2023-Apr-10. The <a href="https://csrc.nist.gov/events/2023/mpts2023">MPTS 2023 workshop</a> (2023-Sep-26–28) will collect further feedback.</li> <li><strong>Initial public draft:</strong> Published on 2023-Jan-25. DOI:<a href="https://doi.org/10.6028/NIST.IR.8214C.ipd">10.6028/NIST.IR.8214C.ipd</a></li> </ul> </li> <li><strong><a href="/publications/detail/nistir/8214a/final">NISTIR 8214B</a><a href="/publications/detail/nistir/8214b/draft"> ipd</a>:</strong> <em>Notes on Threshold EdDSA/Schnorr Signatures</em> <ul> <li><strong>Final version:</strong> expected in the third quarter of 2023</li> <li><a href="/csrc/media/pubs/ir/8214/b/ipd/docs/NISTIR-8214B-ipd-public-feedback.pdf"><strong>Public comments</strong></a><strong>:</strong> The initial public draft announced a period of public comments until 2023-Oct-24.</li> <li><strong>Initial public draft:</strong> Published on 2022-Aug-12. DOI:<a href="https://doi.org/10.6028/NIST.IR.8214B.ipd">10.6028/NIST.IR.8214B.ipd</a></li> </ul> </li> <li><strong><a href="/publications/detail/nistir/8214a/final">NISTIR 8214A</a>:</strong><em><strong> NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives</strong></em>. <ul> <li><strong>Final version:</strong> Published on <strong>2020-Jul-07</strong>. DOI:<a href="https://doi.org/10.6028/NIST.IR.8214A">10.6028/NIST.IR.8214A</a></li> <li><strong>Note:</strong> Initiated a discussion about the pertinence of considering the standardization of threshold schemes for cryptographic primitives.</li> <li><strong><a href="http://csrc.nist.gov/CSRC/media/Publications/nistir/8214a/final/documents/nistir-8214a-diff-comments-received.pdf">Diff and public comments</a>:</strong> The draft was open for public comments until <strong>2020-Feb-10</strong>. The available "diff" highlights the changes between the draft and the final version and includes a table with the received comments.</li> <li><strong><a href="https://csrc.nist.gov/publications/detail/nistir/8214a/draft">Draft version</a>:</strong> Published in the CSRC on <strong>2019-Nov-08</strong>. DOI:<a href="https://10.6028/NIST.IR.8214A-draft">10.6028/NIST.IR.8214A-draft </a></li> <li><strong>Note:</strong> The title in the draft was "<em>Towards NIST Standards for Threshold Schemes for Cryptographic Primitives: A Preliminary Roadmap</em>", which changed in the final version.</li> </ul> </li> <li><strong><a href="https://csrc.nist.gov/publications/detail/nistir/8214/final">NISTIR 8214</a>: <em>Threshold Schemes for Cryptographic Primitives: Challenges and Opportunities in Standardization and Validation of Threshold Cryptography</em></strong>. <ul> <li><strong>Final version:</strong> Published in the CSRC on <strong>2019-Mar-01</strong>.</li> <li><strong>Note:</strong> presents a structured approach for exploring the space of threshold schemes for potential standardization, across two tracks: multi-party and single-device.</li> <li><strong><a href="http://csrc.nist.gov/CSRC/media/Publications/nistir/8214/final/documents/nistir-8214-diff-comments-received.pdf">Diff and public comments</a>:</strong> The draft was open for public comments until <strong>2018-Oct-22</strong>. The available "diff" highlights the changes between the draft and the final version and includes a table with the received comments.</li> <li><strong><a href="https://csrc.nist.gov/publications/detail/nistir/8214/draft">Draft version</a>:</strong> Published in the CSRC on <strong>2019-Jul-26</strong>.</li> </ul> </li> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1727345907910_4" role="tab"> <div class="panel-title"><a aria-controls="collapse1727345907910_4" aria-expanded="false" class="collapsed" data-parent="#collapse1727345907910" data-target="#collapse1727345907910_4" data-toggle="collapse" href="javascript:void(0)">Public feedback </a></div> </div> <div aria-labelledby="heading1727345907910_4" class="collapse panel-collapse" id="collapse1727345907910_4" role="tabpanel"> <div class="panel-body"> <h4><strong>Collaboration</strong></h4> <p>The project will drive an open and transparent standardization process based on established <a href="https://csrc.nist.gov/publications/detail/nistir/7977/final">NIST principles</a>. The process involves engaging with and incorporating feedback from the community of stakeholders, including researchers and practitioners in academia, industry and government. To receive announcements pertinent to collaboration with the Threshold Cryptography project, consider subscribing to the <a href="https://csrc.nist.gov/Projects/Threshold-Cryptography/email-list">MPTC-forum</a>. The messaegs are publicly available at <a href="https://groups.google.com/a/list.nist.gov/g/mptc-forum">https://groups.google.com/a/list.nist.gov/g/mptc-forum</a></p> <p>Specific collaboration is expected in the form of high-quality submissions to the upcoming NIST First Call for Multi-Party Threshold Schemes, and the subsequent public analysis of the set of submitted schemes.</p> <h4><strong>Public feedback</strong></h4> <p>The MPTC project has received useful community feedback about the multi-party threshold setting.</p> <h5><strong>Call 2021a for Feedback on Criteria for Threshold Schemes</strong>:</h5> <p>An earlier related call for focused feedback on criteria for threshold schemes (<a href="/CSRC/media/Projects/threshold-cryptography/documents/MPTC-call2021a-feedback.pdf">Call 2021a</a>) solicited anticipated <a href="/csrc/media/Projects/threshold-cryptography/documents/MPTC-Call2021a-Feedback-compilation.pdf">comments</a> on the following topics: scope of proposals; security idealization; security vs. adversary types; system model; threshold profiles; building blocks.</p> <ul> <li>Original call (2021-July-02): <a href="/CSRC/media/Projects/threshold-cryptography/documents/MPTC-call2021a-feedback.pdf">Call 2021a for Feedback on Criteria for Threshold Schemes</a>&nbsp;</li> <li>Received feedback (compiled on 2022-Aug-30): <a href="/csrc/media/Projects/threshold-cryptography/documents/MPTC-Call2021a-Feedback-compilation.pdf">Compilation of Feedback to NIST-MPTC Call 2021a</a></li> </ul> <h5><strong>Feedback about NISTIR’s</strong></h5> <p>The NIST reports on threshold schemes have benefited from public comments, as described in:</p> <ul> <li><strong><a href="https://csrc.nist.gov/files/pubs/ir/8214/c/ipd/docs/nistir-8214c-ipd-public-feedback.pdf">Public comments</a></strong> on <a href="https://csrc.nist.gov/pubs/ir/8214/c/ipd">NISTIR 8214C ipd</a> (initial public draft)</li> <li><strong><a href="https://csrc.nist.gov/files/pubs/ir/8214/b/ipd/docs/nistir-8214b-ipd-public-feedback.pdf">Public comments</a></strong> on <a href="https://csrc.nist.gov/pubs/ir/8214/b/ipd">NISTIR 8214B ipd</a> (initial public draft)</li> <li><strong><a href="https://csrc.nist.gov/files/pubs/ir/8214/a/final/docs/nistir-8214a-diff-comments-received.pdf#pdfbkm%3Atrack-changes.0">Diff and public comments</a></strong> on <a href="https://csrc.nist.gov/pubs/ir/8214/a/final">NISTIR 8214A</a></li> <li><strong><a href="https://csrc.nist.gov/files/pubs/ir/8214/final/docs/nistir-8214-diff-comments-received.pdf#pdfbkm%3Atable-of-comments.1">Diff and public comments</a></strong> on <a href="https://csrc.nist.gov/pubs/ir/8214/final">NISTIR 8214</a></li> </ul> <h5><strong>Feedback in NIST workshops</strong></h5> <p>Topics of various presentation at <a href="https://csrc.nist.gov/events/2019/NTCW19">NTCW 2019</a>, <a href="https://csrc.nist.gov/events/2020/mpts2020">MPTS 2020</a> and <a href="https://csrc.nist.gov/events/2023/mpts2023">MPTS 2023</a>:</p> <ul> <li> <p>Standardization setting: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Threshold-Cryptography-Ready-for-Prime-Time">I1.2</a> (TC readiness); [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2a1">2a1</a> (MPC settings), <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2a2">2a2</a> (composability); [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-mpc-standardization">1a1</a> (diversity).</p> </li> <li> <p>Threshold RSA keygen: <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1a3">1a3</a> (honest majority threshold schemes).</p> </li> <li> <p>Threshold ECDSA: [2019] <a href="https://csrc.nist.gov/Presentations/2019/A-Multiparty-Computation-Approach-to-Threshold-ECD">I4.2</a>, I.5.1 (<a href="https://csrc.nist.gov/Presentations/2019/fast-secure-multiparty-ecdsa">a</a>, <a href="https://csrc.nist.gov/Presentations/2019/fast-multiparty-threshold-ecdsa-with-fast-trustles">b</a>, <a href="https://csrc.nist.gov/Presentations/2019/panel-threshold-protocols-for-digital-signature-st">c</a>); [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3a2">3a2</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3a3">3a3</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3c1">3c1</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3c2">3c2</a>; [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-threshold-ECDSA-OT">1b3</a>, <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-threshold-ECDSA-variants">1b4</a>.</p> </li> <li> <p>Threshold Schnorr/EdDSA: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Challenges-for-Multisignature-and-Threshold-Signat">II4</a>; [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1b2">1b2</a> (MPC-based), <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1b3">1b3</a> (prob.), <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1c1">1c1</a>; [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-threshold-eddsa-frost-sparkle">1b2</a> (prob.).</p> </li> <li> <p>Threshold AES: [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2b3">2b3</a>; [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-threshold-aes-sha">1a4</a>.</p> </li> <li> <p>Threshold RSA keygen: [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3b1">3b1</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3b2">3b2</a>.</p> </li> <li> <p>Threshold DL Keygen: [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-dl-dkg">1b1</a>.</p> </li> <li> <p>PEC-related: [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-fhe-comments">2a1</a>, <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-fhe-aes-transcipher">2a2</a> and <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-fhe-blocks">3c1</a> (FHE), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-zkp-standards">2a3</a> and <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-zksnarks-wasm">2a4</a> (ZKP), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-multi-authority-abe">2a5</a> (ABE)</p> </li> <li> <p>Threshold for other primitives: [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-threshold-BLS">1b5</a> (BLS).</p> </li> <li> <p>Gadgets / building blocks: [2020]: <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2b2">2b2</a>+<a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2b3">2c1</a> (garbled circuits), OT (<a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2b1">2b1</a>), PCG (<a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2a3">2a3</a>), PVSS (<a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1a2">1a2</a>); [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-crhf-auth-garble">3a1</a> (auth garbling), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-stacked-garbling">3a2</a> (stacked garbling), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-gc-lookup-tables">3a3</a> (garbled lookup tables), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-gadgets-vole-pcg">3a4</a> (VOLE), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-aont">3c2</a> (AONT), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-verifiable-oprf">3c3</a> (VORF), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day3-talk-smr-blockchain">3c5</a> (networking).</p> </li> <li> <p>Platforms/frameworks/endeavors: [2019] <a href="https://csrc.nist.gov/Events/2019/csrc.nist.gov/Presentations/2019/Platform-for-Robust-Threshold-Cryptography">I1.3</a>, <a href="https://csrc.nist.gov/Presentations/2019/Practical-Threshold-Cryptography-for-Cloud-and-Cry">II4.3</a>; [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3b3">3b3</a> (frameworks), <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2c2">2c2</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2c3">2c3</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2c4">2c4</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-2c5">2c5</a> (MPC Alliance); [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-mp-spdz">1a2</a> (SPDZ).</p> </li> <li> <p>Attacks: [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-3a1">3a1</a> (attacks), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-attack-threshold-ecdsa-wallets">2b2</a> (key-extraction).</p> </li> <li> <p>Theory: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Challenges-for-Multisignature-and-Threshold-Signat">II4.1</a> (multi-signatures); [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-dist-ro-proofs">2b3</a> (random-oracle)</p> </li> <li> <p>Threshold post-quantum: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Adding-Distributed-Decryption-and-Key-Generation-t">I3.1</a>; [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1c2">1c2</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1c3">1c3</a>.</p> </li> <li> <p>Others applications/comments: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Practice-Based-Recommendations-for-Standardization">II4.4</a>; [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1b1">1b1</a>, <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1c4">1c4</a>; [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-mpc-apps">1a3</a>, <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-threshold-tls-rsa">2b1</a> (TLS).</p> </li> <li> <p>Secret sharing variants: <a href="https://csrc.nist.gov/Presentations/2019/Efficient-Leakage-Resilient-Secret-Sharing">II3.1</a> (leakage resilient)</p> </li> <li> <p>Variants: [2019] <a href="https://csrc.nist.gov/Presentations/2019/Fully-Distributed-Non-Interactive-Adaptively-Secur">I4.1</a> (signatures), <a href="https://csrc.nist.gov/Presentations/2019/ntcw2019-dise-distributed-symmetric-key-encryption">II3.2</a> (symmetric encryption), <a href="https://csrc.nist.gov/Presentations/2019/SplitKey-Case-Study">II4.2</a> (signing).</p> </li> </ul> <p><strong>NIST presentations:</strong></p> <ul> <li> <p>NIST standards related: [2019] <a href="https://csrc.nist.gov/Presentations/2019/The-NIST-Standardization-Approach-on-Cryptography">I2.1</a> (approach), <a href="https://csrc.nist.gov/Presentations/2019/Quo-Vadis-Crypto-Validation">I6.1</a> (validation) <a href="https://csrc.nist.gov/Presentations/2019/NIST-Status-Update-on-Elliptic-Curves-and-Post-Qua">I2.2</a> (PQC &amp; EC); [2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-nist-pqc-first-standards">2c1</a> &amp; <a href="https://csrc.nist.gov/Presentations/2023/mpts2023-day2-talk-nist-pqc-onramp-sigs">2c2</a> (PQC), <a href="https://csrc.nist.gov/Presentations/2023/mpts2023-day2-talk-nist-lwc">2c3</a> (LWC), <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day2-talk-nist-crypto-validation">2c4</a> (Validation), <a href="https://csrc.nist.gov/Presentations/2023/mpts2023-day2-talk-intro-pec">2a0</a> (PEC tools), <a href="https://csrc.nist.gov/Presentations/2023/mpts2023-day3-talk-intro-gadgets">3a0</a> (gadgets).</p> </li> <li> <p>Intros about the threshold-crypto project or call: [2019] <a href="https://csrc.nist.gov/presentations/2019/enter-the-threshold-(the-nist-threshold-cryptograp">I1.1</a>, [2020] <a href="https://csrc.nist.gov/Presentations/2020/mpts2020-1a1">1a1</a>;&nbsp;[2023] <a href="https://csrc.nist.gov/presentations/2023/mpts2023-day1-talk-workshop-intro">101</a>.</p> </li> </ul> <p><strong>Legend of indices: </strong></p> <p>- For NTCW 2019, indices are Xyz, with X in {I, II} (day), y in {1,…,5} (session in the day), z in {1,2,3}.</p> <p>- For MPTS 2020 and MPTS 2023, indices are xyz, with x in {0, 1,2,3} (day), y in {a,b,c,d} (session in the day), z in {0,…,5}.</p> </div> </div> </div> </div> </div> </div> <div class="col-lg-4 hidden-xs hidden-sm hidden-md"> <div class="project-nav-container"> <div class="bs-callout bs-callout-subnav" id="projectLinksContainer-lg"> <h4><i class="fa fa-link"></i> Project Links</h4> <div class="project-icons-container"> <span> <a href="/projects/threshold-cryptography" id="SideNavOverviewLink"> <i class="fa fa-info-circle"></i> Overview </a> </span> <span> <a href="/Projects/threshold-cryptography/news" id="SideNavNewsLink" data-count="6"> <i class="fa fa-newspaper-o"></i> News &amp; Updates </a> </span> <span> <a href="/Projects/threshold-cryptography/events" id="SideNavEventsLink" data-count="3"> <i class="fa fa-calendar-o"></i> Events </a> </span> <span> <a href="/Projects/threshold-cryptography/publications" id="SideNavPubsLink" data-count="7"> <i class="fa fa-file-text"></i> Publications </a> </span> <span> <a href="/Projects/threshold-cryptography/presentations" id="SideNavPresLink" data-count="22"> <i class="fa fa-desktop"></i> Presentations </a> </span> </div> <h4>Additional Pages</h4> <div id="projectPagesCallout-lg"> <a class="csrc-add-page" data-node-level="0" data-node-order="1" href="/Projects/threshold-cryptography/email-list" id="projPage0" style="border-left: solid 0rem transparent;">Email List (MPTC Forum)</a> </div> </div> </div> <div class="bs-callout bs-callout-success" id="contactsCallout-lg"> <h4><i class="fa fa-user"></i> Contacts</h4> <p id="projContact0"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Reach us at</span> <span data-field='lastname'>threshold-MP (at) nist (dot) gov</span> </strong><br/></span></p> <p id="projContact1"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Luís</span> <span data-field='lastname'>T. A. N. Brandão</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST/Strativia</span></strong><br/><a href='mailto:luis.brandao@nist.gov' data-field='email'>luis.brandao@nist.gov</a><br/></span></p> <p id="projContact2"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Michael</span> <span data-field='lastname'>Davidson</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></p> <p id="projContact3"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>René</span> <span data-field='lastname'>Peralta</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></p> <p id="projContact4"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Dustin</span> <span data-field='lastname'>Moody</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></p> </div> <div class="bs-callout bs-callout-danger" id="owningGroupCallout-lg"> <h4><i class="fa fa-sitemap"></i> Group</h4> <a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a> </div> <div class="bs-callout bs-callout-danger" id="topicsCallout-lg"> <h4><i class="fa fa-tag"></i> Topics</h4> <p> <strong id="catName0-lg">Security and Privacy:</strong> <a id="catTopLink0-0-lg" href="/Topics/Security-and-Privacy/cryptography/digital-signatures">digital signatures</a>, <a id="catTopLink0-1-lg" href="/Topics/Security-and-Privacy/cryptography/encryption">encryption</a>, <a id="catTopLink0-2-lg" href="/Topics/Security-and-Privacy/cryptography/key-management">key management</a>, <a id="catTopLink0-3-lg" href="/Topics/Security-and-Privacy/cryptography/message-authentication">message authentication</a>, <a id="catTopLink0-4-lg" href="/Topics/Security-and-Privacy/cryptography/post-quantum-cryptography">post-quantum cryptography</a>, <a id="catTopLink0-5-lg" href="/Topics/Security-and-Privacy/cryptography/secure-hashing">secure hashing</a> </p> <p> <strong id="catName1-lg">Activities and Products:</strong> <a id="catTopLink1-0-lg" href="/Topics/Activities-and-Products/standards-development">standards development</a> </p> </div> <div class="bs-callout bs-callout-warning" id="relatedProjectsCallout-lg"> <h4>Related Projects</h4> <a href="/Projects/automated-cryptographic-validation-testing" id="relProjLink0">Automated Cryptographic Validation Testing</a><br/> <a href="/Projects/cryptographic-module-validation-program" id="relProjLink1">Cryptographic Module Validation Program</a><br/> <a href="/Projects/cryptographic-standards-and-guidelines" id="relProjLink2">Cryptographic Standards and Guidelines</a><br/> <a href="/Projects/lightweight-cryptography" id="relProjLink3">Lightweight Cryptography</a><br/> <a href="/Projects/post-quantum-cryptography" id="relProjLink4">Post-Quantum Cryptography</a><br/> <a href="/Projects/pec" id="relProjLink5">Privacy-Enhancing Cryptography</a><br/> </div> </div> </div> <div class="row visible-sm visible-xs visible-md"> <div class="col-sm-12"> <div class="bs-callout bs-callout-subnav" id="projectPagesCallout-sm"> <h4>Additional Pages</h4> <p> <a class="csrc-add-page" data-node-level="0" data-node-order="1" href="/Projects/threshold-cryptography/email-list" id="projPage0-sm" style="border-left: solid 0rem transparent;">Email List (MPTC Forum)</a> </p> </div> <div class="bs-callout bs-callout-subnav" id="contactsCallout-sm"> <h4><i class="fa fa-user"></i> Contacts</h4> <p style="padding-left: 15px;"> <span id="projContact0-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Reach us at</span> <span data-field='lastname'>threshold-MP (at) nist (dot) gov</span> </strong><br/></span></span><br/> <span id="projContact1-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Luís</span> <span data-field='lastname'>T. A. N. Brandão</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST/Strativia</span></strong><br/><a href='mailto:luis.brandao@nist.gov' data-field='email'>luis.brandao@nist.gov</a><br/></span></span><br/> <span id="projContact2-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Michael</span> <span data-field='lastname'>Davidson</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></span><br/> <span id="projContact3-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>René</span> <span data-field='lastname'>Peralta</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></span><br/> <span id="projContact4-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Dustin</span> <span data-field='lastname'>Moody</span> </strong> - <strong data-field='affiliation'><span data-field='affiliation'>NIST</span></strong><br/></span></span><br/> </p> </div> <div class="bs-callout bs-callout-danger" id="owningGroupCallout-sm"> <h4><i class="fa fa-sitemap"></i> Group</h4> <a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a> </div> <div class="bs-callout bs-callout-danger" id="topicsCallout-sm"> <h4><i class="fa fa-tag"></i> Topics</h4> <p> <strong id="catName0-sm">Security and Privacy:</strong> <a id="catTopLink0-0-sm" href="/Topics/Security-and-Privacy/cryptography/digital-signatures">digital signatures</a>, <a id="catTopLink0-1-sm" href="/Topics/Security-and-Privacy/cryptography/encryption">encryption</a>, <a id="catTopLink0-2-sm" href="/Topics/Security-and-Privacy/cryptography/key-management">key management</a>, <a id="catTopLink0-3-sm" href="/Topics/Security-and-Privacy/cryptography/message-authentication">message authentication</a>, <a id="catTopLink0-4-sm" href="/Topics/Security-and-Privacy/cryptography/post-quantum-cryptography">post-quantum cryptography</a>, <a id="catTopLink0-5-sm" href="/Topics/Security-and-Privacy/cryptography/secure-hashing">secure hashing</a> </p> <p> <strong id="catName1-sm">Activities and Products:</strong> <a id="catTopLink1-0-sm" href="/Topics/Activities-and-Products/standards-development">standards development</a> </p> </div> <div class="bs-callout bs-callout-warning" id="relatedProjectsCallout-sm"> <h4>Related Projects</h4> <p> <a href="/Projects/automated-cryptographic-validation-testing" id="relProjLink0-sm">Automated Cryptographic Validation Testing</a><br/> <a href="/Projects/cryptographic-module-validation-program" id="relProjLink1-sm">Cryptographic Module Validation Program</a><br/> <a href="/Projects/cryptographic-standards-and-guidelines" id="relProjLink2-sm">Cryptographic Standards and Guidelines</a><br/> <a href="/Projects/lightweight-cryptography" id="relProjLink3-sm">Lightweight Cryptography</a><br/> <a href="/Projects/post-quantum-cryptography" id="relProjLink4-sm">Post-Quantum Cryptography</a><br/> <a href="/Projects/pec" id="relProjLink5-sm">Privacy-Enhancing Cryptography</a><br/> </p> </div> </div> </div> <div class="row"> <div class="col-md-12 historical-data-area" id="historical-data-area"> <span>Created <span id="page-created-date">July 26, 2018</span>, Updated <span id="page-updated-date">November 21, 2024</span></span> </div> </div> <div id="footer-pusher"></div> </div> <footer id="footer"> <div class="container"> <div class="row"> <div class="col-sm-6"> <span class="hidden-xs"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-nist-logo-link"> <img src="/CSRC/Media/images/nist-logo-brand-white.svg" alt="National Institute of Standards and Technology logo" id="footer-nist-logo" /> </a> </span> <div class="row footer-contact-container"> <div class="col-sm-12" id="footer-address"> <strong>HEADQUARTERS</strong><br> 100 Bureau Drive<br> Gaithersburg, MD 20899 </div> </div> </div> <div class="col-sm-6"> <ul class="social-list text-right" style="display: block;"> <li class="field-item service-twitter list-horiz"> <a href="https://twitter.com/NISTCyber" class="social-btn social-btn--large extlink ext" id="footer-social-twitter-link"> <i class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-facebook list-horiz"> <a href="https://www.facebook.com/NIST" class="social-btn social-btn--large extlink ext" id="footer-social-facebook-link"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-linkedin list-horiz"> <a href="https://www.linkedin.com/company/nist" class="social-btn social-btn--large extlink ext" id="footer-social-linkedin-link"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-instagram list-horiz"> <a href="https://www.instagram.com/usnistgov/" class="social-btn social-btn--large extlink ext" id="footer-social-instagram-link"> <i class="fa fa-instagram fa-fw"><span class="element-invisible">instagram</span></i> <span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-youtube list-horiz"> <a href="https://www.youtube.com/user/USNISTGOV" class="social-btn social-btn--large extlink ext" id="footer-social-youtube-link"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-rss list-horiz"> <a href="https://www.nist.gov/news-events/nist-rss-feeds" class="social-btn social-btn--large extlink" id="footer-social-rss-link"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a> </li> <li class="field-item service-govdelivery list-horiz last"> <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="social-btn social-btn--large extlink ext" title="Subscribe to CSRC and publication updates, and other NIST cybersecurity news" id="footer-social-govdelivery-link"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> </ul> <p class="text-right"> Want updates about CSRC and our publications? <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="btn btn-lg btn-primary" style="background-color: #12659c!important; border-color: #12659c!important;" id="footer-subscribe-link">Subscribe</a> </p> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-bottom-nist-logo-link"> <img src="/CSRC/Media/images/logo_rev.png" alt="National Institute of Standards and Technology logo" id="footer-bottom-nist-logo" /> </a> </div> </div> <div class="row"> <div class="col-sm-6"> <p> <a href="/about/contact" id="footer-contact-us-link">Contact Us</a> | <a href="https://www.nist.gov/about-nist/visit" style="display: inline-block;" id="footer-org-link">Our Other Offices</a> </p> </div> <div class="col-sm-6"> <span class="pull-right text-right"> Send inquiries to <a href="mailto:csrc-inquiry@nist.gov?subject=CSRC Inquiry" style="display: inline-block;" id="footer-inquiries-link">csrc-inquiry@nist.gov</a> </span> </div> </div> <div class="row"> <div class="footer-bottom-links-container" id="footer-bottom-links-container"> <ul> <li><a href="https://www.nist.gov/privacy-policy">Site Privacy</a></li> <li><a href="https://www.nist.gov/oism/accessibility">Accessibility</a></li> <li><a href="https://www.nist.gov/privacy">Privacy Program</a></li> <li><a href="https://www.nist.gov/oism/copyrights">Copyrights</a></li> <li><a href="https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a></li> <li><a href="https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a></li> <li><a href="https://www.nist.gov/foia">FOIA</a></li> <li><a href="https://www.nist.gov/environmental-policy-statement">Environmental Policy</a></li> <li><a href="https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a></li> <li><a href="https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a></li> <li><a href="https://www.commerce.gov/">Commerce.gov</a></li> <li><a href="https://www.science.gov/">Science.gov</a></li> <li><a href="https://www.usa.gov/">USA.gov</a></li> <li><a href="https://vote.gov/">Vote.gov</a></li> </ul> </div> </div> </div> </footer> <script type="text/javascript" src="/dist/js/quick-collapse.js"></script> <script type="text/javascript" src="/dist/app.bundle.js"></script> <!-- USWDS Bottom --> <script type="text/javascript" src="/dist/uswds/js/uswds.min.js"></script> <script type="text/javascript" src="/dist/projects.bundle.js"></script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10