News Bits

Hardware Security Information and Tools: trust-HUB
July 23, 2010,


A group of NSF funded researchers have started a new resource for hardware security researchers at

"Our goal in developing trust-HUB is to provide the community with a forum to exchange ideas, circuits, platforms, tools, and resources. This web site is a resource for research, education and collaboration in your science area. It hosts various resources which will help you learn about your science area, including online presentations, courses, learning modules, animations, teaching materials, and more. It also includes information about community activities such as technical events, workshops, seminars, and news stories. It also provide members with capability of scheduling online blogs and presentation, and development of working groups. The members will be able to broadcast their success stories, tools, benchmarks, and more. These resources come from contributors in our scientific community, and are used by visitors from all over the world. Most importantly, trust-HUB offers simulation tools which you can access from your web browser, so you can not only learn about but also simulate your science area."

The administrators are
Mohammad Tehranipoor, University of Connecticut
Ramesh Karri, Polytechnic Institute of NYU
Farinaz Koushanfar, Rice University
Miodrag Potkonjak, University of California, Los Angeles

NIST Announcement
Password-Based Key Derivation
Mon, 28 Jun 2010 13:51:34 -0400


DRAFT Recommendation for Password-Based Key Derivation - Part 1: Storage Applications.
NIST announces the release of draft Special Publication 800-132, Recommendation for Password-Based Key Derivation - Part 1: Storage Applications. This Recommendation specifies techniques for the derivation of master keys from passwords to protect electronic data in a storage environment. Please submit comments to with "Comments on Draft SP800-132" in the subject line. The comment period closes on July 28, 2010.

ICANN Announcement
Internet "Root" Signed and Delivered
July 15, 2010


It has been nearly 20 years in the making, but this summer marks the start of new era in Internet security with the implementation of public key authentication technology for the Internet "root" zone. This is arguably the most important aspect of security for mapping domain names to Internet addresses, and hundreds of people have been involved in the long process of defining the Domain Name System Security protocol (DNSSEC), implementing it, and setting in place the contractual and physical procedures for signing the fundamental data area for DNS, the root zone.

From the ICANN announcement:
"ICANN publishes the root zone trust anchor and root operators begin to serve the signed root zone with actual keys – The signed root zone is available."

There is a web page for DNSSEC status information