NIST, Computer Security Division, Computer Security Resource Center
Cryptographic Key Management Project
Cryptographic Key Management (CKM) is a fundamental part of cryptographic technology and is considered one of the most difficult aspects associated with its use. Of particular concern are the scalability of the methods used to distribute keys and the usability of these methods. NIST has undertaken an effort to improve the overall key management strategies used by the public and private sectors in order to enhance the usability of cryptographic technology, provide scalability across cryptographic technologies, and support a global cryptographic key management infrastructure.
The first step in achieving this goal was to conduct a workshop to identify: 1) various obstacles in using the key management methodologies currently in use; 2) alternative technologies that need to be accommodated; 3) alternative strategies useful in achieving the stated goal; and, 4) approaches for transitioning from the current methodologies to the most desirable method.
A CKM Workshop was held at NIST on June 8-9, 2009. Approximately 100 people participated in the Workshop at NIST on-site and approximately 90 people participated via a Webcast service. The program consisted of five keynote speakers addressing various aspects of future electronic communications, computing, and cryptography. Another twenty-five speakers addressed various technical aspects of current and future key management systems including key management policies, algorithms, distribution methods, and user control software interfaces.
A summary of the Workshop will be issued as a NIST electronic publication in early fall of 2009. The primary initial product of this project is a framework of CKM systems which may be used for analyzing, categorizing, and comparing current and future CKM systems. An initial outline of this framework is scheduled for delivery in early fall of 2009. These publications will be announced and available on the NIST Computer Security Resource Center website.
Cryptographic Key Management Workshop Summary
NIST Internal Report 7609, Cryptographic Key Management Workshop Summary - June 8-9, 2009, is now available. This document provides highlights of a workshop that was held in June 2009 to discuss the current state of key management systems, to identify future needs, and to discuss the development of a Cryptographic Key Management Design Framework that will address the issues discussed during the workshop.
Draft Special Publication 800-131, Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes
Draft Special Publication 800-131, Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes, is available for public comment. NIST Special Publication (SP) 800-57, Part 1 included a general approach for transitioning from one algorithm or key length to another. This Recommendation (SP 800-131) provides more specific guidance for transitions to stronger cryptographic keys and more robust algorithms. Public comments should be sent to CryptoTransitions@nist.gov by March 15, 2010. The authors of this document, Elaine Barker and Allen Roginsky, will be available for discussions at the RSA Conference in San Francisco on March 1-5.
Questions regarding this project should be addressed to Elaine Barker of NIST.
Additional information is available at the CKM Project Blog which is operated off-site. To leave the NIST Website and visit the CKM Project Blog, please click on: http://keymanagement.wordpress.com/