- CSRC Home
- About CSD
- Projects / Research
- news & events
Cryptographic Key Management (CKM) is a fundamental part of cryptographic technology and is considered one of the most difficult aspects associated with its use. Of particular concern are the scalability of the methods used to distribute keys and the usability of these methods. NIST has undertaken an effort to improve the overall key management strategies used by the public and private sectors in order to enhance the usability of cryptographic technology, provide scalability across cryptographic technologies, and support a global cryptographic key management infrastructure.
NIST Internal Report 7609, Cryptographic Key Management Workshop Summary - June 8-9, 2009, is now available. This document provides highlights of a workshop that was held in June 2009 to discuss the current state of key management systems, to identify future needs, and to discuss the development of a Cryptographic Key Management Design Framework that will address the issues discussed during the workshop.
August 16, 2013: NIST announces the completion of Special Publication (SP) 800-130, A Framework for Designing Cryptographic Key Management Systems. This publication contains a description of the topics to be considered and the documentation requirements to be addressed when designing a CKMS. The CKMS designer satisfies the requirements by selecting the policies, procedures, components (hardware, software, and firmware), and devices (groups of components) to be incorporated into the CKMS, and then specifying how these items are employed to meet the requirements of this Framework.
NIST announces the completion of Special Publication (SP) 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths. This Recommendation provides the approach for transitioning from the use of one algorithm or key length to another, as initially addressed in Part 1 of SP 800-57.
Comments received on SP 800-131 [by March 15 deadline].
Comments received on SP 800-131 [by July 16 deadline].
NEW! December 18, 2014: NIST requests comments on DRAFT Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems. This Profile is based on NIST Special Publication (SP) 800-130, A Framework for Designing Cryptographic Key Management Systems, and has been prepared to assist Cryptographic Key Management System (CKMS) designers and implementers in selecting the features to be provided in their “products,” and to assist Federal organizations and their contractors when procuring, installing, configuring, operating, and using a Federal Cryptographic Key Management System (FCKMS). Please send comments by February 18, 2015 to FederalCKMSProfile@nist.gov, with "Comments on SP 800-152" in the subject line. A template has been provided.
Note that these comments will be posted for public review. Note that this revision includes references to some of the security controls in SP 800-53. Comments on the accuracy of these references would be appreciated
January 6, 2014: Please see December 18, 2014 entry (above) for latest version. NIST requests comments on NIST Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems. SP 800-152 contains requirements for the design, implementation, procurement, installation, configuration, management, operation, and use of a CKMS by U. S. Federal organizations. The Profile is based on NIST SP 800-130, A Framework for Designing Cryptographic Key Management Systems (CKMS). The public comment period ended March 5, 2014.
August 8, 2012: Please see December 18, 2014 entry (above) for latest version. NIST requests comments on draft NIST Special Publication 800-152, A Profile for U. S. Federal Cryptographic Key Management Systems (CKMS). This Profile will be based on the Special Publication 800-130, entitled “A Framework for Designing Cryptographic Key Management Systems.” The Framework covers topics that should be considered by a product or system designer when designing a CKMS and specifies requirements for the design and its documentation. The Profile, however, will cover not only a CKMS design, but also its procurement, installation, management, and operation throughout its lifetime. The public comment period ended October 10, 2012.
Questions regarding this project should be addressed to Elaine Barker of NIST.