National Cybersecurity Center of Excellence (NCCoE) Migration to Post-Quantum Cryptography

CourtNational Institute Of Standards And Technology
Citation86 FR 56898
Record Number2021-22223
Publication Date13 Oct 2021
56898
Federal Register / Vol. 86, No. 195 / Wednesday, October 13, 2021 / Notices
wind towers or sections thereof, unless those
components are shipped with the tower
sections.
Merchandise covered by this investigation
is currently classified in the Harmonized
Tariff Schedule of the United States (HTSUS)
under subheading 7308.20.0020 or
8502.31.0000. Wind towers of iron or steel
are classified under HTSUS 7308.20.0020
when imported separately as a tower or tower
section(s). Wind towers may be classified
under HTSUS 8502.31.0000 when imported
as combination goods with a wind turbine
(i.e., accompanying nacelles and/or rotor
blades). While the HTSUS subheadings are
provided for convenience and customs
purposes, the written description of the
scope of the investigation is dispositive.
Appendix II
List of Topics Discussed in the Issues and
Decision Memorandum
I. Summary
II. Background
III. Use of Facts Otherwise Available and
Adverse Inferences
IV. Subsidies Valuation Information
V. Analysis of Programs
VI. Analysis of Comments
Comment 1: Whether Commerce Should
Apply Adverse Facts Available (AFA) to
Vestas Wind Technology India Private
Limited (Vestas)
Comment 2: Whether the Advance
Authorization Program (AAP) is Tied to
Non-Subject Merchandise
Comment 3: Whether Commerce Should
Revise its Benefit Methodology for the
Duty Drawback (DDB) Program
Comment 4: Whether Commerce
Unlawfully Cumulated Vestas’s Benefits
With the Benefits of its Tollers
Comment 5: Whether the Merchandise
Export Incentive Scheme (MEIS)
Program is Tied to Non-Subject
Merchandise
Comment 6: Whether the Provision of Land
for Less Than Adequate Remuneration
(LTAR) by the Gujarat Industrial
Development Corporation (GIDC) is
Specific and Confers Countervailable
Benefits
Comment 7: Whether the Provision of
Water for LTAR Conferred a Benefit
Comment 8: Whether Commerce Correctly
Attributed Benefits for the Export
Promotion of Capital Goods (EPCG)
Program
Comment 9: Whether the AAP and DDB
Programs are Countervailable Under the
Agreement on Subsidies and
Countervailing Measures (SCM
Agreement)
Comment 10: Whether Commerce Correctly
Applied AFA to the Government of India
(GOI)
Comment 11: Whether Commerce Correctly
Initiated New Subsidy Allegations
(NSAs)
VII. Recommendation
[FR Doc. 2021–22246 Filed 10–12–21; 8:45 am]
BILLING CODE 3510–DS–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
[Docket No.: 210915–0186]
National Cybersecurity Center of
Excellence (NCCoE) Migration to Post-
Quantum Cryptography
AGENCY
: National Institute of Standards
and Technology, Department of
Commerce.
ACTION
: Notice.
SUMMARY
: The National Institute of
Standards and Technology (NIST)
invites organizations to provide letters
of interest describing products and
technical expertise to support and
demonstrate security platforms for the
Migration to Post-Quantum
Cryptography project. This notice is the
initial step for the National
Cybersecurity Center of Excellence
(NCCoE) in collaborating with
technology companies to address
cybersecurity challenges identified
under the Migration to Post-Quantum
Cryptography project. Participation in
the project is open to all interested
organizations.
DATES
: Collaborative activities will
commence as soon as enough completed
and signed letters of interest have been
returned to address all the necessary
components and capabilities, but no
earlier than November 12, 2021.
ADDRESSES
: The NCCoE is located at
9700 Great Seneca Highway, Rockville,
MD 20850. Letters of interest must be
submitted to applied-crypto-pqc@
nist.gov or via hardcopy to National
Institute of Standards and Technology,
NCCoE; 9700 Great Seneca Highway,
Rockville, MD 20850. Interested parties
can access the letter of interest template
by visiting the website and completing
the letter of interest webform. NIST will
announce the completion of the
selection of participants and inform the
public that it is no longer accepting
letters of interest for this project at
https://www.nccoe.nist.gov/projects/
building-blocks/post-quantum-
cryptography. Organizations whose
letters of interest are accepted will be
asked to sign a consortium Cooperative
Research and Development Agreement
(CRADA) with NIST; a template CRADA
can be found at: https://nccoe.nist.gov/
library/nccoe-consortium-crada-
example.
FOR FURTHER INFORMATION CONTACT
:
William Newhouse via telephone 301–
975–0232; by email applied-crypto-
pqc@nist.gov; or by mail to National
Institute of Standards and Technology,
NCCoE; 9700 Great Seneca Highway,
Rockville, MD 20850. Additional details
about the Migration to Post-Quantum
Cryptography project are available at
https://www.nccoe.nist.gov/projects/
building-blocks/post-quantum-
cryptography.
SUPPLEMENTARY INFORMATION
:
Background: The NCCoE, part of
NIST, is a public-private collaboration
for accelerating the widespread
adoption of integrated cybersecurity
tools and technologies. The NCCoE
brings together experts from industry,
government, and academia under one
roof to develop practical, interoperable
cybersecurity approaches that address
the real-world needs of complex
Information Technology (IT) systems.
By accelerating dissemination and use
of these integrated tools and
technologies for protecting IT assets, the
NCCoE will enhance trust in U.S. IT
communications, data, and storage
systems; reduce risk for companies and
individuals using IT systems; and
encourage development of innovative,
job-creating cybersecurity products and
services.
Process: NIST is soliciting responses
from all sources of relevant security
capabilities (see below) to enter into a
Cooperative Research and Development
Agreement (CRADA) to provide
products and technical expertise to
support and demonstrate security
platforms for the Migration to Post-
Quantum Cryptography project. The full
project can be viewed at: https://
www.nccoe.nist.gov/projects/building-
blocks/post-quantum-cryptography.
Interested parties can access the
template for a letter of interest by
visiting the project website at https://
www.nccoe.nist.gov/projects/building-
blocks/post-quantum-cryptography and
completing the letter of interest
webform. On completion of the
webform, interested parties will receive
access to the letter of interest template,
which the party must complete, certify
as accurate, and submit to NIST by
email or hardcopy. NIST will contact
interested parties if there are questions
regarding the responsiveness of the
letters of interest to the project objective
or requirements identified below. NIST
will select participants who have
submitted complete letters of interest on
a first come, first served basis within
each category of product components or
capabilities listed below, up to the
number of participants in each category
necessary to carry out this project.
When the project has been completed,
NIST will post a notice on the Migration
to Post-Quantum Cryptography project
website at https://www.nccoe.nist.gov/
VerDate Sep<11>2014 18:01 Oct 12, 2021 Jkt 256001 PO 00000 Frm 00014 Fmt 4703 Sfmt 4703 E:\FR\FM\13OCN1.SGM 13OCN1
jspears on DSK121TN23PROD with NOTICES1
56899
Federal Register / Vol. 86, No. 195 / Wednesday, October 13, 2021 / Notices
projects/building-blocks/post-quantum-
cryptography announcing the
completion of the project and informing
the public that it is no longer accepting
letters of interest for this project.
Completed letters of interest should
be submitted to NIST and will be
accepted on a first come, first served
basis. There may be continuing
opportunity to participate even after
initial activity commences for
participants who were not selected
initially or have submitted the letter of
interest after the selection process.
Selected participants will be required to
enter into a consortium CRADA with
NIST (for reference, see
ADDRESSES
section above).
Project Objective: The advent of
quantum computing technology will
compromise many of the current
cryptographic algorithms, especially
public-key cryptography, which are
widely used to protect digital
information. Work on the development
of quantum-resistant public-key
cryptographic standards is underway,
and algorithm selection is expected to
be completed in the next one to two
years (https://csrc.nist.gov/projects/
post-quantum-cryptography).
Replacement of cryptographic
algorithms is both technically and
logistically challenging. It can take years
or even decades to complete. In order to
address these challenges, the NCCoE is
undertaking a practical demonstration
of technology and tools that can provide
a head start on executing a migration
roadmap in collaboration with a public
and private sector community of
interest.
To meet the need to accelerate
migration to quantum-resistant
cryptography, the NCCoE Migration to
Post-Quantum Cryptography project
will demonstrate tools for discovery of
quantum-vulnerable cryptographic code
or dependencies on such code. The
tools to be demonstrated provide
automation assistance in identifying
where and how public-key cryptography
is being used in data centers on-
premises or in the cloud and distributed
compute, storage, and network
infrastructures. The project can also
contribute to updates to standards,
guidelines, regulations, hardware,
firmware, operating systems,
communication protocols,
cryptographic libraries, and applications
that employ cryptography. The audience
for the project includes developers of
products that use public-key
cryptographic algorithms, integrators of
such products, customer organizations
that acquire or configure such products,
and bodies that standardize protocols
that employ or are dependent on public-
key cryptographic algorithms.
The proposed proof-of-concept
solution(s) will integrate commercial
and open source products that leverage
cybersecurity standards and
recommended practices to demonstrate
the use case scenarios detailed in the
Migration to Post-Quantum
Cryptography project description at
https://www.nccoe.nist.gov/projects/
building-blocks/post-quantum-
cryptography. This project will result in
a publicly available NIST Cybersecurity
Practice Guide as a Special Publication
1800 series, a detailed implementation
guide describing the practical steps
needed to implement a cybersecurity
reference implementation. Supporting
outputs may include playbook, tools,
code, and white papers.
Requirements for Letters of Interest:
Each responding organization’s letter of
interest should identify which security
platform component(s) or capability(ies)
it is offering. Letters of interest should
not include company proprietary
information, and all components and
capabilities must be commercially
available. Components are listed in
section 3 of the Migration to Post-
Quantum Cryptography project
description at https://
www.nccoe.nist.gov/projects/building-
blocks/post-quantum-cryptography and
include, but are not limited to:
General IT components:
ÆCompute, storage, and network
resources necessary to running
cryptographic code detection tools
Æcloud services
Functional security components:
ÆThe data security component
Æthe endpoint security component
Æthe identity and access
management component
Æthe security analytics component
Devices and network infrastructure
components:
ÆAssets including the devices/
endpoints
Æcore enterprise resources such as
applications/services
Ænetwork infrastructure components
Approaches and tools for discovering
public-key cryptography
components in:
ÆOperating systems
Æapplication code
Æhardware implementing,
controlling, or accelerating crypto
functionality
Approaches and tools for discovering
algorithm migration impacts on:
ÆCommunications and network
protocols
Ækey management protocols,
processes, and procedures
Ænetwork management protocols,
processes, and procedures
Æbusiness processes and procedures
Each responding organization’s letter
of interest should identify how their
products help address one or more of
the following demonstration scenarios
in section 2 of the Migration to Post-
Quantum Cryptography project
description at https://
www.nccoe.nist.gov/projects/building-
blocks/post-quantum-cryptography:
FIPS–140 validated hardware and
software modules that employ
quantum-vulnerable public-key
cryptography
Cryptographic libraries that include
quantum-vulnerable public-key
cryptography
Cryptographic applications and
cryptographic support applications
that include or are focused on
quantum-vulnerable public-key
cryptography
Embedded quantum-vulnerable
cryptographic code in computing
platforms
Communication protocols widely
deployed in different industry sectors
that leverage quantum-vulnerable
cryptographic algorithms
Considerations for desired
characteristics include:
All candidate quantum-resistant
replacements for quantum-vulnerable
public-key algorithms should have a
security strength at least equivalent to
that possessed by the quantum-
vulnerable algorithm being replaced,
where the security strength of the
algorithm being replaced is measured in
the absence of quantum computing.
Any suggestion for replacement of a
quantum-vulnerable public-key
algorithm by a compensating control(s)
should be accompanied by an
explanation of how the compensating
control provides relevant confidentiality
and integrity protection commensurate
with that currently being provided in
the absence of quantum computing.
Any projected performance
degradation resulting from a suggested
replacement of a quantum-vulnerable
public-key algorithm by a NIST
candidate quantum-resistant algorithm
should be characterized in the project
findings.
In their letters of interest, responding
organizations need to acknowledge the
importance of and commit to provide:
1. Access for all participants’ project
teams to component interfaces and the
organization’s experts necessary to make
functional connections among security
platform components.
2. Support for development and
demonstration of the Migration to Post-
VerDate Sep<11>2014 18:01 Oct 12, 2021 Jkt 256001 PO 00000 Frm 00015 Fmt 4703 Sfmt 4703 E:\FR\FM\13OCN1.SGM 13OCN1
jspears on DSK121TN23PROD with NOTICES1
56900
Federal Register / Vol. 86, No. 195 / Wednesday, October 13, 2021 / Notices
Quantum Cryptography project, which
will be conducted in a manner
consistent with the most recent version
of the following standards and
guidance: FIPS 200, SP 800–37, SP 800–
52, SP 800–53, SP 800–63, and SP
1800–16. Additional details about the
Migration to Post-Quantum
Cryptography project are available at
https://www.nccoe.nist.gov/projects/
building-blocks/post-quantum-
cryptography.
NIST cannot guarantee that all of the
products proposed by respondents will
be used in the demonstration. Each
prospective participant will be expected
to work collaboratively with NIST staff
and other project participants under the
terms of the consortium CRADA in the
development of the Migration to Post-
Quantum Cryptography project.
Prospective participants’ contribution to
the collaborative effort will include
assistance in establishing the necessary
interface functionality, connection and
set-up capabilities and procedures,
demonstration harnesses, environmental
and safety conditions for use, integrated
platform user instructions, and
demonstration plans and scripts
necessary to demonstrate the desired
capabilities. Each participant will train
NIST personnel, as necessary, to operate
its product in capability
demonstrations. Following successful
demonstrations, NIST will publish a
description of the security platform and
its performance characteristics sufficient
to permit other organizations to develop
and deploy security platforms that meet
the security objectives of the Migration
to Post-Quantum Cryptography project.
These descriptions will be public
information.
Under the terms of the consortium
CRADA, NIST will support
development of interfaces among
participants’ products by providing IT
infrastructure, laboratory facilities,
office facilities, collaboration facilities,
and staff support to component
composition, security platform
documentation, and demonstration
activities.
The dates of the demonstration of the
Migration to Post-Quantum
Cryptography project capability will be
announced on the NCCoE website at
least two weeks in advance at https://
nccoe.nist.gov/. The expected outcome
will demonstrate how the components
of the solutions that address Migration
to Post-Quantum Cryptography can
enhance security capabilities that
provide assurance of mitigation of
identified risks while continuing to
meet industry sectors’ compliance
requirements. Participating
organizations will gain from the
knowledge that their products are
interoperable with other participants’
offerings.
For additional information on the
NCCoE governance, business processes,
and NCCoE operational structure, visit
the NCCoE website https://
nccoe.nist.gov/.
Alicia Chambers,
NIST Executive Secretariat.
[FR Doc. 2021–22223 Filed 10–12–21; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
[RTID 0648–XB503]
Marine Mammals and Endangered
Species
AGENCY
: National Marine Fisheries
Service (NMFS), National Oceanic and
Atmospheric Administration (NOAA),
Commerce.
ACTION
: Notice; issuance of permits and
permit amendments.
SUMMARY
: Notice is hereby given that
permits and permit amendments have
been issued to the following entities
under the Marine Mammal Protection
Act (MMPA) and the Endangered
Species Act (ESA), as applicable.
ADDRESSES
: The permits and related
documents are available for review
upon written request via email to
NMFS.Pr1Comments@noaa.gov.
FOR FURTHER INFORMATION CONTACT
:
Shasta McClenahan, Ph.D. (Permit Nos.
19592–01 and 25739), Jennifer
Skidmore (Permit No. 24054), Amy
Hapeman (Permit Nos. 24140, 24368,
25691, 25694, and 25696), and Carrie
Hubard (Permit No. 19225); at (301)
427–8401.
SUPPLEMENTARY INFORMATION
: Notices
were published in the Federal Register
on the dates listed below that requests
for a permit or permit amendment had
been submitted by the below-named
applicants. To locate the Federal
Register notice that announced our
receipt of the application and a
complete description of the activities, go
to www.federalregister.gov and search
on the permit number provided in Table
1 below.
BILLING CODE 3510–22–P
VerDate Sep<11>2014 18:01 Oct 12, 2021 Jkt 256001 PO 00000 Frm 00016 Fmt 4703 Sfmt 4703 E:\FR\FM\13OCN1.SGM 13OCN1
jspears on DSK121TN23PROD with NOTICES1

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT