National Institute of Standards and Technology: Difference between revisions

From USApedia
m (1 revision imported)
m (Text replacement - "The New York Times" to "The New York Times")
Line 219: Line 219:


==Controversy regarding NIST standard SP 800-90==
==Controversy regarding NIST standard SP 800-90==
In September 2013, both ''[[The Guardian]]'' and ''[[The New York Times]]'' reported that NIST allowed the [[National Security Agency]] (NSA) to insert a [[cryptographically secure pseudorandom number generator]] called [[Dual EC DRBG]] into NIST standard [[NIST SP 800-90A|SP 800-90]] that had a [[kleptographic]] [[Backdoor (computing)|backdoor]] that the NSA can use to covertly predict the future outputs of this [[pseudorandom number generator]] thereby allowing the surreptitious decryption of data.<ref name=FCW>{{cite web|last=Konkel|first=Frank|title=What NSA's influence on NIST standards means for feds|url=http://fcw.com/articles/2013/09/06/nsa-nist-standards.aspx|work=FCW|publisher=1105 Government Information Group|access-date=September 10, 2013|date=September 6, 2013|url-status=dead|archive-url=https://web.archive.org/web/20130910030443/http://fcw.com/Articles/2013/09/06/NSA-NIST-standards.aspx|archive-date=September 10, 2013|df=mdy-all}}</ref> Both papers report<ref name=Guardian>{{cite web|title=Revealed: how US and UK spy agencies defeat internet privacy and security|url=https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|work=The Guardian|access-date=September 7, 2013|author=James Borger|author2=Glenn Greenwald|date=September 6, 2013|url-status=live|archive-url=https://web.archive.org/web/20130918135152/http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|archive-date=September 18, 2013|df=mdy-all}}</ref><ref>{{cite news|title=N.S.A. Able to Foil Basic Safeguards of Privacy on Web|url=https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|newspaper=The New York Times|access-date=September 7, 2013|author=Nicole Perlroth|date=September 5, 2013|archive-url=https://web.archive.org/web/20130908112919/http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|archive-date=September 8, 2013|url-status=live}}</ref> that the NSA worked covertly to get its own version of SP 800-90 approved for worldwide use in 2006. The whistle-blowing document states that "eventually, NSA became the sole editor". The reports confirm suspicions and technical grounds publicly raised by cryptographers in 2007 that the EC-DRBG could contain a [[kleptographic]] backdoor (perhaps placed in the standard by NSA).<ref>{{cite magazine|last=Schneier|first=Bruce|title=Did NSA Put a Secret Backdoor in New Encryption Standard?|url=https://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|magazine=Wired|publisher=Condé Nast|date=November 15, 2007|access-date=September 10, 2013|url-status=live|archive-url=https://archive.today/20120919094854/http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|archive-date=September 19, 2012|df=mdy-all}}</ref>
In September 2013, both ''[[The Guardian]]'' and ''The New York Times'' reported that NIST allowed the [[National Security Agency]] (NSA) to insert a [[cryptographically secure pseudorandom number generator]] called [[Dual EC DRBG]] into NIST standard [[NIST SP 800-90A|SP 800-90]] that had a [[kleptographic]] [[Backdoor (computing)|backdoor]] that the NSA can use to covertly predict the future outputs of this [[pseudorandom number generator]] thereby allowing the surreptitious decryption of data.<ref name=FCW>{{cite web|last=Konkel|first=Frank|title=What NSA's influence on NIST standards means for feds|url=http://fcw.com/articles/2013/09/06/nsa-nist-standards.aspx|work=FCW|publisher=1105 Government Information Group|access-date=September 10, 2013|date=September 6, 2013|url-status=dead|archive-url=https://web.archive.org/web/20130910030443/http://fcw.com/Articles/2013/09/06/NSA-NIST-standards.aspx|archive-date=September 10, 2013|df=mdy-all}}</ref> Both papers report<ref name=Guardian>{{cite web|title=Revealed: how US and UK spy agencies defeat internet privacy and security|url=https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|work=The Guardian|access-date=September 7, 2013|author=James Borger|author2=Glenn Greenwald|date=September 6, 2013|url-status=live|archive-url=https://web.archive.org/web/20130918135152/http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|archive-date=September 18, 2013|df=mdy-all}}</ref><ref>{{cite news|title=N.S.A. Able to Foil Basic Safeguards of Privacy on Web|url=https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|newspaper=The New York Times|access-date=September 7, 2013|author=Nicole Perlroth|date=September 5, 2013|archive-url=https://web.archive.org/web/20130908112919/http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0|archive-date=September 8, 2013|url-status=live}}</ref> that the NSA worked covertly to get its own version of SP 800-90 approved for worldwide use in 2006. The whistle-blowing document states that "eventually, NSA became the sole editor". The reports confirm suspicions and technical grounds publicly raised by cryptographers in 2007 that the EC-DRBG could contain a [[kleptographic]] backdoor (perhaps placed in the standard by NSA).<ref>{{cite magazine|last=Schneier|first=Bruce|title=Did NSA Put a Secret Backdoor in New Encryption Standard?|url=https://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|magazine=Wired|publisher=Condé Nast|date=November 15, 2007|access-date=September 10, 2013|url-status=live|archive-url=https://archive.today/20120919094854/http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115|archive-date=September 19, 2012|df=mdy-all}}</ref>


NIST responded to the allegations, stating that "NIST works to publish the strongest cryptographic standards possible" and that it uses "a transparent, public process to rigorously vet our recommended standards".<ref>{{cite web|last=Byers|first=Alex|title=NSA encryption info could pose new security risk – NIST weighs in<!-- - Rosenworcel: Refunds for long retrans blackouts -->|url=http://www.politico.com/morningtech/0913/morningtech11574.html|work=Politico|date=September 6, 2013 |access-date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130927151824/http://www.politico.com/morningtech/0913/morningtech11574.html|archive-date=September 27, 2013|df=mdy-all}}</ref> The agency stated that "there has been some confusion about the standards development process and the role of different organizations in it...The National Security Agency (NSA) participates in the NIST cryptography process because of its recognized expertise. NIST is also required by statute to consult with the NSA."<ref>{{cite web|last=Perlroth|first=Nicole|title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|work=[[The New York Times]]|date=September 10, 2013|access-date=September 11, 2013|url-status=live|archive-url=https://web.archive.org/web/20131029225705/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|archive-date=October 29, 2013|df=mdy-all}}</ref> Recognizing the concerns expressed, the agency reopened the public comment period for the SP800-90 publications, promising that "if vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible".<ref>{{cite journal|title=Cryptographic Standards Statement|url=https://www.nist.gov/director/cybersecuritystatement-091013.cfm|publisher=National Institute of Standsards in Technology|access-date=September 11, 2013|author=Office of the Director, NIST|journal=NIST |date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130912234248/http://www.nist.gov/director/cybersecuritystatement-091013.cfm|archive-date=September 12, 2013|df=mdy-all}}</ref> Due to public concern of this [[cryptovirology]] attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.<ref name="nist_abandonment">{{cite news|url=https://www.nist.gov/itl/csd/sp800-90-042114.cfm|work=National Institute of Standards and Technology|title=NIST Removes Cryptography Algorithm from Random Number Generator Recommendations|date=April 21, 2014|url-status=live|archive-url=https://web.archive.org/web/20160829031025/http://www.nist.gov/itl/csd/sp800-90-042114.cfm|archive-date=August 29, 2016|df=mdy-all}}</ref>
NIST responded to the allegations, stating that "NIST works to publish the strongest cryptographic standards possible" and that it uses "a transparent, public process to rigorously vet our recommended standards".<ref>{{cite web|last=Byers|first=Alex|title=NSA encryption info could pose new security risk – NIST weighs in<!-- - Rosenworcel: Refunds for long retrans blackouts -->|url=http://www.politico.com/morningtech/0913/morningtech11574.html|work=Politico|date=September 6, 2013 |access-date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130927151824/http://www.politico.com/morningtech/0913/morningtech11574.html|archive-date=September 27, 2013|df=mdy-all}}</ref> The agency stated that "there has been some confusion about the standards development process and the role of different organizations in it...The National Security Agency (NSA) participates in the NIST cryptography process because of its recognized expertise. NIST is also required by statute to consult with the NSA."<ref>{{cite web|last=Perlroth|first=Nicole|title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|work=The New York Times|date=September 10, 2013|access-date=September 11, 2013|url-status=live|archive-url=https://web.archive.org/web/20131029225705/http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology|archive-date=October 29, 2013|df=mdy-all}}</ref> Recognizing the concerns expressed, the agency reopened the public comment period for the SP800-90 publications, promising that "if vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible".<ref>{{cite journal|title=Cryptographic Standards Statement|url=https://www.nist.gov/director/cybersecuritystatement-091013.cfm|publisher=National Institute of Standsards in Technology|access-date=September 11, 2013|author=Office of the Director, NIST|journal=NIST |date=September 10, 2013|url-status=live|archive-url=https://web.archive.org/web/20130912234248/http://www.nist.gov/director/cybersecuritystatement-091013.cfm|archive-date=September 12, 2013|df=mdy-all}}</ref> Due to public concern of this [[cryptovirology]] attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.<ref name="nist_abandonment">{{cite news|url=https://www.nist.gov/itl/csd/sp800-90-042114.cfm|work=National Institute of Standards and Technology|title=NIST Removes Cryptography Algorithm from Random Number Generator Recommendations|date=April 21, 2014|url-status=live|archive-url=https://web.archive.org/web/20160829031025/http://www.nist.gov/itl/csd/sp800-90-042114.cfm|archive-date=August 29, 2016|df=mdy-all}}</ref>


==Publications==
==Publications==

Revision as of 00:03, 22 December 2024

National Institute of Standards and Technology (NIST)
File:NIST logo.svg
Agency Overview
Formed Template:Ubil
Headquarters 100 Bureau Drive
Gaithersburg, Maryland, U.S.
Employees Approx. 3,400[1]
Annual budget $1.03 billion (FY 2021)[2]
Agency Executive Laurie E. Locascio[3], Director of NIST and Under Secretary of Commerce for Standards and Technology
Parent department Department of Commerce
Website
nist.gov

The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical science laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards.[4]

History

Background

The Articles of Confederation, ratified by the colonies in 1781, provided:

The United States in Congress assembled shall also have the sole and exclusive right and power of regulating the alloy and value of coin struck by their own authority, or by that of the respective states—fixing the standards of weights and measures throughout the United States.[5]

Article 1, section 8, of the Constitution of the United States, ratified in 1789, granted these powers to the new Congress: "The Congress shall have power ... To coin money, regulate the value thereof, and of foreign coin, and fix the standard of weights and measures".[6]

In January 1790, President George Washington, in his first annual message to Congress, said, "Uniformity in the currency, weights, and measures of the United States is an object of great importance, and will, I am persuaded, be duly attended to."[7]

On October 25, 1791, Washington again appealed Congress:

A uniformity of the weights and measures of the country is among the important objects submitted to you by the Constitution and if it can be derived from a standard at once invariable and universal, must be no less honorable to the public council than conducive to the public convenience.[8]

In 1821, President John Quincy Adams declared, "Weights and measures may be ranked among the necessities of life to every individual of human society.".[9] Nevertheless, it was not until 1838 that the United States government adopted a uniform set of standards.[6]

From 1830 until 1901, the role of overseeing weights and measures was carried out by the Office of Standard Weights and Measures, which was part of the Survey of the Coast—renamed the United States Coast Survey in 1836 and the United States Coast and Geodetic Survey in 1878—in the United States Department of the Treasury.[10][11][12]

Bureau of Standards (1901–1988)

In 1901, in response to a bill proposed by Congressman James H. Southard (R, Ohio), the National Bureau of Standards was founded with the mandate to provide standard weights and measures, and to serve as the national physical laboratory for the United States. Southard had previously sponsored a bill for metric conversion of the United States.[13]

President Theodore Roosevelt appointed Samuel W. Stratton as the first director. The budget for the first year of operation was $40,000. The Bureau took custody of the copies of the kilogram and meter bars that were the standards for US measures, and set up a program to provide metrology services for United States scientific and commercial users. A laboratory site was constructed in Washington, DC, and instruments were acquired from the national physical laboratories of Europe. In addition to weights and measures, the Bureau developed instruments for electrical units and for measurement of light. In 1905 a meeting was called that would be the first "National Conference on Weights and Measures".

Initially conceived as purely a metrology agency, the Bureau of Standards was directed by Herbert Hoover to set up divisions to develop commercial standards for materials and products.[13] Some of these standards were for products intended for government use, but product standards also affected private-sector consumption. Quality standards were developed for products including some types of clothing, automobile brake systems and headlamps, antifreeze, and electrical safety. During World War I, the Bureau worked on multiple problems related to war production, even operating its own facility to produce optical glass when European supplies were cut off. Between the wars, Harry Diamond of the Bureau developed a blind approach radio aircraft landing system. During World War II, military research and development was carried out, including development of radio propagation forecast methods, the proximity fuze and the standardized airframe used originally for Project Pigeon, and shortly afterwards the autonomously radar-guided Bat anti-ship guided bomb and the Kingfisher family of torpedo-carrying missiles.

In 1948, financed by the United States Air Force, the Bureau began design and construction of SEAC, the Standards Eastern Automatic Computer. The computer went into operation in May 1950 using a combination of vacuum tubes and solid-state diode logic. About the same time the Standards Western Automatic Computer, was built at the Los Angeles office of the NBS by Harry Huskey and used for research there. A mobile version, DYSEAC, was built for the Signal Corps in 1954.

National Institute of Standards and Technology (from 1988)

Due to a changing mission, the "National Bureau of Standards" became the "National Institute of Standards and Technology" in 1988.[10] Following the September 11, 2001 attacks, under the National Construction Safety Team Act (NCST), NIST conducted the official investigation into the collapse of the World Trade Center buildings. Following the 2021 Surfside condominium building collapse, NIST sent engineers to the site to investigate the cause of the collapse.[14]

In 2019, NIST launched a program named NIST on a Chip to decrease the size of instruments from lab machines to chip size. Applications include aircraft testing, communication with satellites for navigation purposes, and temperature and pressure.[15]

In 2023, the Biden administration began plans to create a U.S. AI Safety Institute within NIST to coordinate AI safety matters. According to The Washington Post, NIST is considered "notoriously underfunded and understaffed", which could present an obstacle to these efforts.[16]

Constitution

NIST, known between 1901 and 1988 as the National Bureau of Standards (NBS), is a measurement standards laboratory, also known as the National Metrological Institute (NMI), which is a non-regulatory agency of the United States Department of Commerce. The institute's official mission is to:[17]

Promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

— NIST

NIST had an operating budget for fiscal year 2007 (October 1, 2006 – September 30, 2007) of about $843.3 million. NIST's 2009 budget was $992 million, and it also received $610 million as part of the American Recovery and Reinvestment Act.[18] NIST employs about 2,900 scientists, engineers, technicians, and support and administrative personnel. About 1,800 NIST associates (guest researchers and engineers from American companies and foreign countries) complement the staff. In addition, NIST partners with 1,400 manufacturing specialists and staff at nearly 350 affiliated centers around the country. NIST publishes the Handbook 44 that provides the "Specifications, tolerances, and other technical requirements for weighing and measuring devices".

Metric system

The Congress of 1866 made use of the metric system in commerce a legally protected activity through the passage of Metric Act of 1866.[19] On May 20, 1875, 17 out of 20 countries signed a document known as the Metric Convention or the Treaty of the Meter, which established the International Bureau of Weights and Measures under the control of an international committee elected by the General Conference on Weights and Measures.[20]

Organization

File:NIST AML building.jpg
Advanced Measurement Laboratory Complex in Gaithersburg
File:NIST campus aerial 2019.jpg
Aerial view of the Gaithersburg campus in 2019
File:NIST in the mist.jpg
Boulder Laboratories

NIST is headquartered in Gaithersburg, Maryland, and operates a facility in Boulder, Colorado, which was dedicated by President Eisenhower in 1954.[21][22][23] NIST's activities are organized into laboratory programs and extramural programs. Effective October 1, 2010, NIST was realigned by reducing the number of NIST laboratory units from ten to six.[24] NIST Laboratories include:[25]

  • Communications Technology Laboratory (CTL)[26]
  • Engineering Laboratory (EL)[27]
  • Information Technology Laboratory (ITL)[28]
  • Center for Neutron Research (NCNR)[29]
  • Material Measurement Laboratory (MML)[30]
  • Physical Measurement Laboratory (PML)[31]

Extramural programs include:

  • Hollings Manufacturing Extension Partnership (MEP),[32] a nationwide network of centers to assist small and mid-sized manufacturers to create and retain jobs, improve efficiencies, and minimize waste through process improvements and to increase market penetration with innovation and growth strategies;
  • Technology Innovation Program (TIP), a grant program where NIST and industry partners cost share the early-stage development of innovative but high-risk technologies;
  • Baldrige Performance Excellence Program, which administers the Malcolm Baldrige National Quality Award, the nation's highest award for performance and business excellence.

NIST's Boulder laboratories are best known for NIST‑F1, which houses an atomic clock. NIST‑F1 serves as the source of the nation's official time. From its measurement of the natural resonance frequency of cesium—which defines the second—NIST broadcasts time signals via longwave radio station WWVB near Fort Collins, Colorado, and shortwave radio stations WWV and WWVH, located near Fort Collins and Kekaha, Hawaii, respectively.[33]

NIST also operates a neutron science user facility: the NIST Center for Neutron Research (NCNR). The NCNR provides scientists access to a variety of neutron scattering instruments, which they use in many research fields (materials science, fuel cells, biotechnology, etc.).

The SURF III Synchrotron Ultraviolet Radiation Facility is a source of synchrotron radiation, in continuous operation since 1961. SURF III now serves as the US national standard for source-based radiometry throughout the generalized optical spectrum. All NASA-borne, extreme-ultraviolet observation instruments have been calibrated at SURF since the 1970s, and SURF is used for the measurement and characterization of systems for extreme ultraviolet lithography.

The Center for Nanoscale Science and Technology (CNST) performs research in nanotechnology, both through internal research efforts and by running a user-accessible cleanroom nanomanufacturing facility. This "NanoFab" is equipped with tools for lithographic patterning and imaging (e.g., electron microscopes and atomic force microscopes).

Committees

NIST has seven standing committees:

Projects

File:NIST HipHopAtomLogo.jpg
A 40 nm wide NIST logo made with cobalt atoms

Measurements and standards

As part of its mission, NIST supplies industry, academia, government, and other users with over 1,300 Standard Reference Materials (SRMs). These artifacts are certified as having specific characteristics or component content, used as calibration standards for measuring equipment and procedures, quality control benchmarks for industrial processes, and experimental control samples.

Handbook 44

NIST publishes the Handbook 44 each year after the annual meeting of the National Conference on Weights and Measures (NCWM). Each edition is developed through cooperation of the Committee on Specifications and Tolerances of the NCWM and the Weights and Measures Division (WMD) of NIST. The purpose of the book is a partial fulfillment of the statutory responsibility for "cooperation with the states in securing uniformity of weights and measures laws and methods of inspection".

NIST has been publishing various forms of what is now the Handbook 44 since 1918 and began publication under the current name in 1949. The 2010 edition conforms to the concept of the primary use of the SI (metric) measurements recommended by the Omnibus Foreign Trade and Competitiveness Act of 1988.[34][35]

Homeland security

NIST is developing government-wide identity document standards for federal employees and contractors to prevent unauthorized persons from gaining access to government buildings and computer systems.[36]

World Trade Center collapse investigation

In 2002, the National Construction Safety Team Act mandated NIST to conduct an investigation into the collapse of the World Trade Center buildings 1 and 2 and the 47-story 7 World Trade Center. The "World Trade Center Collapse Investigation", directed by lead investigator Shyam Sunder,[37] covered three aspects, including a technical building and fire safety investigation to study the factors contributing to the probable cause of the collapses of the WTC Towers (WTC 1 and 2) and WTC 7. NIST also established a research and development program to provide the technical basis for improved building and fire codes, standards, and practices, and a dissemination and technical assistance program to engage leaders of the construction and building community in implementing proposed changes to practices, standards, and codes. NIST also is providing practical guidance and tools to better prepare facility owners, contractors, architects, engineers, emergency responders, and regulatory authorities to respond to future disasters. The investigation portion of the response plan was completed with the release of the final report on 7 World Trade Center on November 20, 2008. The final report on the WTC Towers—including 30 recommendations for improving building and occupant safety—was released on October 26, 2005.[38]

Election technology

NIST works in conjunction with the Technical Guidelines Development Committee of the Election Assistance Commission to develop the Voluntary Voting System Guidelines for voting machines and other election technology.

Cybersecurity Framework

In February 2014 NIST published the NIST Cybersecurity Framework that serves as voluntary guidance for organizations to manage and reduce cybersecurity risk.[39] It was later amended and Version 1.1 was published in April 2018.[40] Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, made the Framework mandatory for U.S. federal government agencies.[39] An extension to the NIST Cybersecurity Framework is the Cybersecurity Maturity Model (CMMC) which was introduced in 2019 (though the origin of CMMC began with Executive Order 13556).[41]

It emphasizes the importance of implementing Zero-trust architecture (ZTA) which focuses on protecting resources over the network perimeter. ZTA utilizes zero trust principles which include "never trust, always verify", "assume breach" and "least privileged access" to safeguard users, assets, and resources. Since ZTA holds no implicit trust to users within the network perimeter, authentication and authorization are performed at every stage of a digital transaction. This reduces the risk of unauthorized access to resources.[42]

NIST released a draft of the CSF 2.0 for public comment through November 4, 2023. NIST decided to update the framework to make it more applicable to small and medium size enterprises that use the framework, as well as to accommodate the constantly changing nature of cybersecurity.[43]

In August 2024, NIST released a final set of encryption tools designed to withstand the attack of a quantum computer. These post-quantum encryption standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy.[44]

People

Four scientific researchers at NIST have been awarded Nobel Prizes for work in physics: William Daniel Phillips in 1997, Eric Allin Cornell in 2001, John Lewis Hall in 2005 and David Jeffrey Wineland in 2012, which is the largest number for any US government laboratory not accounting for ubiquitous government contracts to state institutions and the private sector. All four were recognized for their work related to laser cooling of atoms, which is directly related to the development and advancement of the atomic clock. In 2011, Dan Shechtman was awarded the Nobel Prize in chemistry for his work on quasicrystals in the Metallurgy Division from 1982 to 1984. In addition, John Werner Cahn was awarded the 2011 Kyoto Prize for Materials Science, and the National Medal of Science has been awarded to NIST researchers Cahn (1998) and Wineland (2007). Other notable people who have worked at NBS or NIST include:

Directors

Since 1989, the director of NIST has been a Presidential appointee and is confirmed by the United States Senate,[45] and since that year the average tenure of NIST directors has fallen from 11 years to 2 years in duration. Since the 2011 reorganization of NIST, the director also holds the title of Under Secretary of Commerce for Standards and Technology. Fifteen individuals have officially held the position (in addition to four acting directors who have served on a temporary basis).

Patents

NIST holds patents on behalf of the Federal government of the United States,[46] with at least one of them being custodial to protect public domain use, such as one for a Chip-scale atomic clock, developed by a NIST team as part of a DARPA competition.[47]

Controversy regarding NIST standard SP 800-90

In September 2013, both The Guardian and The New York Times reported that NIST allowed the National Security Agency (NSA) to insert a cryptographically secure pseudorandom number generator called Dual EC DRBG into NIST standard SP 800-90 that had a kleptographic backdoor that the NSA can use to covertly predict the future outputs of this pseudorandom number generator thereby allowing the surreptitious decryption of data.[48] Both papers report[49][50] that the NSA worked covertly to get its own version of SP 800-90 approved for worldwide use in 2006. The whistle-blowing document states that "eventually, NSA became the sole editor". The reports confirm suspicions and technical grounds publicly raised by cryptographers in 2007 that the EC-DRBG could contain a kleptographic backdoor (perhaps placed in the standard by NSA).[51]

NIST responded to the allegations, stating that "NIST works to publish the strongest cryptographic standards possible" and that it uses "a transparent, public process to rigorously vet our recommended standards".[52] The agency stated that "there has been some confusion about the standards development process and the role of different organizations in it...The National Security Agency (NSA) participates in the NIST cryptography process because of its recognized expertise. NIST is also required by statute to consult with the NSA."[53] Recognizing the concerns expressed, the agency reopened the public comment period for the SP800-90 publications, promising that "if vulnerabilities are found in these or any other NIST standards, we will work with the cryptographic community to address them as quickly as possible".[54] Due to public concern of this cryptovirology attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard.[55]

Publications

In addition to these journals, NIST (and the National Bureau of Standards before it) has a robust technical reports publishing arm. NIST technical reports are published in several dozen series, which cover a wide range of topics, from computer technology to construction to aspects of standardization including weights, measures and reference data.[56] In addition to technical reports, NIST scientists publish many journal and conference papers each year; an database of these, along with more recent technical reports, can be found on the NIST website.[57]

See also

References

  1. "NIST General Information". NIST (National Institute of Standards and Technology). December 24, 2008. https://www.nist.gov/director/pao/nist-general-information. 
  2. "FY 2022: Presidential Budget Request Summary". NIST (National Institute of Standards and Technology). June 8, 2021. https://www.nist.gov/director/congressional-and-legislative-affairs/nist-appropriations-summary-0/fy-2022-presidential. 
  3. "Laurie E. Locascio". United States Department of Commerce. https://www.commerce.gov/about/leadership/laurie-e-locascio. 
  4. "National Institute of Standards and Technology" (in en). https://www.commerce.gov/bureaus-and-offices/nist. 
  5. Articles of Confederation of 1781, article IX, paragraph 4.
  6. 6.0 6.1 NBS special publication 447 Archived October 17, 2011, at the Wayback Machine-Retrieved September 28, 2011
  7. "Founders Online: From George Washington to the United States Senate and House o …" (in en). http://founders.archives.gov/documents/Washington/05-04-02-0361. 
  8. https://nvlpubs.nist.gov/nistpubs/bulletin/01/nbsbulletinv1n3p365_A2b.pdf Archived June 4, 2018, at the Wayback Machine[bare URL PDF]
  9. "Presidential Measurements Timeline". NIST. February 5, 2014. https://www.nist.gov/pml/weights-and-measures/presidential-measurements-timeline. 
  10. 10.0 10.1 Records of the National Institute of Standards and Technology (NIST) Archived October 19, 2017, at the Wayback Machine, National Archives and Records Administration website, (Record Group 167), 1830–1987.
  11. "noaa.gov NOAA History: NOAA Legacy Timeline 1807–1899". http://www.history.noaa.gov/legacy/time1800.html. 
  12. Theberge, Captain Albert E., The Coast Survey 1807–1867: Volume I of the History of the Commissioned Corps of the National Oceanic and Atmospheric Administration, "THE HASSLER LEGACY: FERDINAND RUDOLPH HASSLER and the UNITED STATES COAST SURVEY: THE REBIRTH OF THE SURVEY," no publisher listed, NOAA History, 1998. Archived November 9, 2014, at the Wayback Machine
  13. 13.0 13.1 John Perry, The Story of Standards, Funk and Wagnalls, 1953, Library of Congress Cat. No. 55-11094, p. 123
  14. "Agency that studied fall of Twin Towers in line to probe collapse of condo near Miami Beach". Miami Herald. https://www.miamiherald.com/news/local/community/miami-dade/miami-beach/article252392883.html. 
  15. sarah.henderson@nist.gov (2019-12-17). "NIST on a Chip Introduction" (in en). NIST. https://www.nist.gov/noac/introduction. 
  16. Faiola, Anthony; Zakrzewski, Cat (2023-11-02). "Governments used to lead innovation. On AI, they're falling behind.". Washington Post. https://www.washingtonpost.com/technology/2023/11/02/ai-regulation-bletchley-park/. 
  17. NIST General Information. Archived August 23, 2016, at the Wayback Machine Retrieved on August 21, 2010.
  18. "NIST Budget, Planning and Economic Studies". NIST (National Institute of Standards and Technology). October 5, 2010. https://www.nist.gov/public_affairs/budget/index.cfm. 
  19. "Weights and Measures Standards of the United States a brief history". p. 41. http://ts.nist.gov/WeightsAndMeasures/upload/SP_447-2.pdf. 
  20. "Weights and Measures Standards of the United States a brief history". p. 22. http://ts.nist.gov/WeightsAndMeasures/upload/SP_447-2.pdf. 
  21. "Ike dedicates lab, voices peace hopes". Deseret News. United Press ((Salt Lake City, Utah)): p. A1. September 14, 1954. https://news.google.com/newspapers?id=VcxOAAAAIBAJ&sjid=z0kDAAAAIBAJ&pg=2568%2C2237101. 
  22. "Ike dedicates two labs;'New type of frontier'". Meriden Record. Associated Press ((Connecticut)): p. 22. September 15, 1954. https://news.google.com/newspapers?id=RVBHAAAAIBAJ&sjid=cP4MAAAAIBAJ&pg=1790%2C1441025. 
  23. "Significant papers from the first 50 years of the Boulder Labs". United States Department of Commerce: Boulder Laboratories. August 2004. p. 4. https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir6618.pdf. 
  24. "NIST Strengthens Laboratory Mission Focus with New Structure". September 28, 2010. Archived from the original on August 28, 2016. https://web.archive.org/web/20160828105829/http://www.nist.gov/public_affairs/releases/reorg_092810.cfm. 
  25. NIST Laboratories Archived August 26, 2016, at the Wayback Machine. National Institute of Standards and Technology. Retrieved on May 10, 2016.
  26. Communications Technology Laboratory Archived October 7, 2017, at the Wayback Machine (CTL)
  27. Engineering Laboratory Archived July 12, 2017, at the Wayback Machine (EL)
  28. Information Technology Laboratory Archived July 12, 2017, at the Wayback Machine (ITL)
  29. NIST Center for Neutron Research Archived July 12, 2017, at the Wayback Machine (NCNR)
  30. Material Measurement Laboratory Archived July 12, 2017, at the Wayback Machine (MML)
  31. Physical Measurement Laboratory Archived July 12, 2017, at the Wayback Machine (PML)
  32. Hollings Manufacturing Extension Partnership Archived July 12, 2017, at the Wayback Machine (MEP)
  33. [1]. NIST. Retrieved on March 18, 2014.[dead link]
  34. Handbook 44 Archived October 20, 2011, at the Wayback Machine- "Forward; page 5" Retrieved: September 28, 2011
  35. 100th Congress (1988) (June 16, 1988). "H.R. 4848". Legislation. GovTrack.us. http://www.govtrack.us/congress/bill.xpd?bill=h100-4848. "Omnibus Trade and Competitiveness Act of 1988" 
  36. "Personal Identity Verification (PIV) of Federal Employees and Contractors". U.S. Department of Commerce. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.201-3.pdf. 
  37. Eric Lipton (August 22, 2008). "Fire, Not Explosives, Felled 3rd Tower on 9/11, Report Says". New York Times. https://www.nytimes.com/2008/08/22/nyregion/22wtccnd.html. 
  38. "Final Reports of the Federal Building and Fire Investigation of the World Trade Center Disaster". National Institute of Standards and Technology. October 2005. http://wtc.nist.gov/reports_october05.htm. 
  39. 39.0 39.1 "Questions and Answers". NIST. February 13, 2018. https://www.nist.gov/cyberframework/frequently-asked-questions/framework-basics#basics. 
  40. "Cybersecurity Framework Documents". NIST. February 5, 2018. https://www.nist.gov/cyberframework/framework. 
  41. Sharpe, Waits (2022-10-06). "The History of CMMC" (in en-US). https://www.corp-infotech.com/history-of-cmmc/. 
  42. Teerakanok, Songpon; Uehara, Tetsutaro; Inomata, Atsuo; Li, Qi (2021-01-01). "Migrating to Zero Trust Architecture: Reviews and Challenges". Security and Communication Networks 2021: 1–10. doi:10.1155/2021/9947347. ISSN 1939-0114. 
  43. "Discussion Draft of the NIST Cybersecurity Framework 2.0 Core with Implementation Examples". August 8, 2023. https://csrc.nist.gov/pubs/other/2023/08/08/discussion-draft-of-the-nist-csf-20-core-with-impl/ipd. 
  44. "NIST Releases First 3 Finalized Post-Quantum Encryption Standards" (in en). NIST. 2024-08-13. https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards. 
  45. "2012 Plum Book". 2012. https://m.gpo.gov/plumbook/#positionDetail/2899. 
  46. "Results of Search in US Patent Collection db for: AANM/NIST". U.S. Patent and Trademark Office. http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&p=1&u=/netahtml/PTO/search-bool.html&r=0&f=S&l=50&TERM1=NIST&FIELD1=AANM&d=PTXT. 
  47. Ost, Laura (2 December 2011). "Success Story: Chip-Scale Atomic Clock". NIST (National Institute of Standards and Technology). https://www.nist.gov/noac/success-story-chip-scale-atomic-clock. 
  48. Konkel, Frank (September 6, 2013). "What NSA's influence on NIST standards means for feds". FCW. 1105 Government Information Group. http://fcw.com/articles/2013/09/06/nsa-nist-standards.aspx. 
  49. James Borger; Glenn Greenwald (September 6, 2013). "Revealed: how US and UK spy agencies defeat internet privacy and security". The Guardian. https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security. 
  50. Nicole Perlroth (September 5, 2013). "N.S.A. Able to Foil Basic Safeguards of Privacy on Web". The New York Times. https://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all&_r=0. 
  51. Lua error in Module:Citation/CS1/Configuration at line 2088: attempt to index field '?' (a nil value).
  52. Byers, Alex (September 6, 2013). "NSA encryption info could pose new security risk – NIST weighs in". Politico. http://www.politico.com/morningtech/0913/morningtech11574.html. 
  53. Perlroth, Nicole (September 10, 2013). "Government Announces Steps to Restore Confidence on Encryption Standards". The New York Times. http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?ref=technology. 
  54. Office of the Director, NIST (September 10, 2013). "Cryptographic Standards Statement". NIST (National Institute of Standsards in Technology). https://www.nist.gov/director/cybersecuritystatement-091013.cfm. 
  55. "NIST Removes Cryptography Algorithm from Random Number Generator Recommendations". National Institute of Standards and Technology. April 21, 2014. https://www.nist.gov/itl/csd/sp800-90-042114.cfm. 
  56. NIST (February 8, 2011). "NIST Series Publications" (in en). https://www.nist.gov/nist-research-library/nist-series-publications. 
  57. "Publications" (in en). April 24, 2024. https://www.nist.gov/publications. 

External links

Template:Wikisource-author

Template:Time signal authorities Lua error in Module:Authority_control at line 158: attempt to index field 'wikibase' (a nil value).