NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Search the fulltext of NIST's computer security publications:

  Advanced Search

govdelivery bubble icon Sign Up for Email Alerts from NIST's Computer Security Division:

Archived Special Publications
(500 & 800 Series)

Below is a list of withdrawn, computer security-related NIST Special Publications (SPs), including those that have been revised or superceded by a different SP.

NumberDateTitle
SP 800-135Dec 2010Recommendation for Existing Application-Specific Key Derivation Functions
  Withdrawn: Dec 2011
  Superceded By: SP 800 135 Rev. 1
SP 800-131Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes
  Withdrawn: Jan 2011
  Superceded By: SP 800 131 A
SP 800-124Oct 2008Guidelines on Cell Phone and PDA Security
  Withdrawn: Jun 2013
  Superceded By: SP 800 124 Rev. 1
SP 800-121Sep 2008Guide to Bluetooth Security
  Withdrawn: Jun 2012
  Superceded By: SP 800 121 Rev. 1
SP 800-107Feb 2009Recommendation for Applications Using Approved Hash Algorithms
  Withdrawn: Aug 2012
  Superceded By: SP 800 107 Rev. 1
SP 800-104Jun 2007A Scheme for PIV Visual Card Topography
  Withdrawn: Sept. 2014
  Superceded By: FIPS 201 -2
SP 800-101May 2007Guidelines on Cell Phone Forensics
  Withdrawn: May 2014
  Superceded By: SP 800 101 Rev.1
SP 800-90Mar 2007Recommendation for Random Number Generation Using Deterministic Random Bit Generators
  Withdrawn: Jan 2012
  Superceded By: SP 800 90 A
SP 800-87Mar 2007Codes for the Identification of Federal and Federally Assisted Organizations *
  Withdrawn: Apr 2008
  Superceded By: SP 800 87 Rev 1
SP 800-85 A-1Mar 2009PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-2 Compliance)
  Withdrawn: Jul 2010
  Superceded By: SP 800 85 A-2
SP 800-85 AApr 2006PIV Card Application and Middleware Interface Test Guidelines (SP800-73 compliance) *
  Withdrawn: Apr 2009
  Superceded By: SP 800 85 A-1
SP 800-83Nov 2005Guide to Malware Incident Prevention and Handling
  Withdrawn: Jul 2013
  Superceded By: SP 800 83 Rev. 1
SP 800-82Jun 2011Guide to Industrial Control Systems (ICS) Security
  Withdrawn: Apr 2014
  Superceded By: SP 800 82 Rev. 1
SP 800-81May 2006Secure Domain Name System (DNS) Deployment Guide
  Withdrawn: Aug 2010
  Superceded By: SP 800 81 Rev. 1
SP 800-79Jul 2005Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations *
  Withdrawn: Jun 2008
  Superceded By: SP 800 79 -1
SP 800-78 -2Feb 2010Cryptographic Algorithms and Key Sizes for Personal Identification Verification (PIV)
  Withdrawn: Dec 2010
  Superceded By: SP 800 78 -3
SP 800-78Aug 2007Cryptographic Algorithms and Key Sizes for Personal Identity Verification *
  Withdrawn: Aug 2007
  Superceded By: SP 800 78 -2
SP 800-76 -1Jan 2007Biometric Data Specification for Personal Identity Verification *
  Withdrawn: Sept. 2014
  Superceded By: SP 800 76 -2
SP 800-76Feb 2006Biometric Data Specification for Personal Identity Verification *
  Withdrawn: Jan 2007
  Superceded By: SP 800 76 -1
SP 800-73 -2Sep 2008Interfaces for Personal Identity Verification (4 parts):
1- End-Point PIV Card Application Namespace, Data Model and Representation
2- End-Point PIV Card Application Interface
3- End-Point PIV Client Application Programming Interface
4- The PIV Transitional Data Model and Interfaces

  Withdrawn: Feb 2010
  Superceded By: SP 800 73 -3
SP 800-73 -1Mar 2006Interfaces for Personal Identity Verification *
  Withdrawn: Sep 2008
  Superceded By: SP 800 73 -2
SP 800-73Apr 2005Interfaces for Personal Identity Verification *
  Withdrawn: Mar 2006
  Superceded By: SP 800 73 -1
SP 800-70 Rev. 1Sep 2009National Checklist Program for IT Products--Guidelines for Checklist Users and Developers
  Withdrawn: Feb 2011
  Superceded By: SP 800 70 Rev. 2
SP 800-70May 2005Security Configuration Checklists Program for IT Products: Guidance for Checklists Users and Developer
  Withdrawn: Sep 2009
  Superceded By: SP 800 70 Rev. 1
SP 800-68Oct 2005Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist *
  Withdrawn: Oct 2008
  Superceded By: SP 800 68 Rev. 1
SP 800-67May 2008Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
  Withdrawn: Jan 2012
  Superceded By: SP 800 67 Rev. 1
SP 800-66Mar 2005An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule *
  Withdrawn: Oct 2008
  Superceded By: SP 800 66 Rev 1
SP 800-64 Rev.1Jun 2004Security Considerations in the Information System Development Life Cycle *
  Withdrawn: Oct 2008
  Superceded By: SP 800 64 Rev. 2
SP 800-64Oct 2003Security Considerations in the Information System Development Life Cycle *
  Withdrawn: Jun 2004
  Superceded By: SP 800 64 Rev.1
SP 800-63 Version 1.0.2Apr 2006Electronic Authentication Guideline
  Withdrawn: Dec 2011
  Superceded By: SP 800 63 Rev. 1
SP 800-61 Rev. 1Mar 2008Computer Security Incident Handling Guide
  Withdrawn: Aug 2012
  Superceded By: SP 800 61 Rev. 2
SP 800-61 -1Aug 2007 Cryptographic Algorithms and Key Sizes for Personal Identity Verification *
  Withdrawn: Feb 2010
  Superceded By: SP 800 61 Rev. 2
SP 800-61Jan 2004Computer Security Incident Handling Guide *
  Withdrawn: Mar 2008
  Superceded By: SP 800 61 Rev. 1
SP 800-60Jun 2004Guide for Mapping Types of Information and Information Systems to Security Categories *
  Withdrawn: Aug 2008
  Superceded By: SP 800 60 Rev. 1
SP 800-56 AMar 2007Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
  Withdrawn: May 2013
  Superceded By: SP 800 56 A Rev. 2
SP 800-55Jul 2003Security Metrics Guide for Information Technology Systems *
  Withdrawn: Jul 2008
  Superceded By: SP 800 55 Rev. 1
SP 800-53 Rev. 1Dec 2006Recommended Security Controls for Federal Information Systems
  Withdrawn: Jul 2009
  Superceded By: SP 800 53 Rev. 2
SP 800-53Feb 2005Recommended Security Controls for Federal Information Systems *
  Withdrawn: Dec 2006
  Superceded By: SP 800 53 Rev. 1
SP 800-53 Rev. 3Aug 2009Recommended Security Controls for Federal Information Systems and Organizations
  Withdrawn: April 30, 2014
  Superceded By: SP 800 53 Rev. 4
SP 800-53 Rev. 2Dec 2007Recommended Security Controls for Federal Information Systems
  Withdrawn: Dec 2010
  Superceded By: SP 800 53 Rev. 3
SP 800-53 AJul 2008Guide for Assessing the Security Controls in Federal Information Systems
  Withdrawn: Jun 2011
  Superceded By: SP 800 53 A Rev. 1
SP 800-52Jun 2005Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations
  Withdrawn: Mar. 13, 2013
  Archived File
SP 800-51Sep 2002Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme
  Withdrawn: Feb 2011
  Superceded By: SP 800 51 Rev. 1
SP 800-48Nov 2002Wireless Network Security: 802.11, Bluetooth, and Handheld Devices *
  Withdrawn: Jul 2008
  Superceded By: SP 800 48 Rev. 1
SP 800-46Aug 2002Security for Telecommuting and Broadband Communications
  Withdrawn: Jun 2009
  Superceded By: SP 800 46 Rev. 1
SP 800-45Sep 2002Guidelines on Electronic Mail Security *
  Withdrawn: Feb 2007
  Superceded By: SP 800 45 Version 2
SP 800-44Sep 2002Guidelines on Securing Public Web Servers *
  Withdrawn: Sep 2007
  Superceded By: SP 800 44 Version 2
SP 800-42Oct 2003Guideline on Network Security Testing *
  Withdrawn: Sep 2008
  Superceded By: SP 800 115
SP 800-41Jan 2002Guidelines on Firewalls and Firewall Policy
  Withdrawn: Sep 2009
  Superceded By: SP 800 41 Rev. 1
SP 800-40Aug 2002Creating a Patch and Vulnerability Management Program *
  Withdrawn: Nov 2005
  Superceded By: SP 800 40 Version 2.0
SP 800-37May 2004Guide for the Security Certification and Accreditation of Federal Information Systems
  Withdrawn: Feb 2010
  Superceded By: SP 800 37 Rev. 1
SP 800-34Jun 2002Contingency Planning Guide for Information Technology Systems
  Withdrawn: May 2010
  Superceded By: SP 800 34 Rev. 1
SP 800-31Aug 2001Intrusion Detection Systems *
  Withdrawn: Feb 2007
  Superceded By: SP 800 94
SP 800-30Jul 2002Risk Management Guide for Information Technology Systems
  Withdrawn: Sep 2012
  Superceded By: SP 800 30 Rev. 1
SP 800-28Oct 2001Guidelines on Active Content and Mobile Code *
  Withdrawn: Mar 2008
  Superceded By: SP 800 28 Version 2
SP 800-28Oct 2001Guidelines on Active Content and Mobile Code *
  Withdrawn: Mar 2008
  Superceded By: SP 800 28 Version 2
SP 800-27Jun 2001Engineering Principles for Information Technology Security (A Baseline for Achieving Security) *
  Withdrawn: Jun 2004
  Superceded By: SP 800 27 Rev. A
SP 800-26 Rev.1Apr 2005Guide for Information Technology Security Assessments and System Reporting Form *
  Withdrawn: Feb 2007
  Superceded By: FIPS 200, SP 800-53, SP 800-53A
SP 800-26Nov 2001Security Self-Assessment Guide for Information Technology Systems *
  Withdrawn: Feb 2007
  Superceded By: FIPS 200, SP 800-53, SP 800-53A
SP 800-22May 2001A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications *
  Withdrawn: Aug 2008
  Superceded By: SP 800 22 Rev. 1
SP 800-21Nov 1999Guideline for Implementing Cryptography in the Federal Government *
  Withdrawn: Dec 2005
  Superceded By: SP 800 21 2nd edition
SP 800-18Dec 1998Guide for Developing Security Plans for Federal Information Systems *
  Withdrawn: Feb 2006
  Superceded By: SP 800 18 Rev.1
SP 800-11Feb 1995The Impact of the FCC's Open Network Architecture on NS/EP Telecommunications Security *
SP 800-10Dec 1994Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls *
SP 800-9Dec 1993Good Security Practices for Electronic Commerce, Including Electronic Data Interchange *
SP 800-8Aug 1993Security Issues in the Database Language SQL *
SP 800-7Jul 1994Security in Open Systems *
SP 800-6Dec 1992Automated Tools for Testing Computer System Vulnerability *
SP 800-5Dec 1992A Guide to the Selection of Anti-Virus Tools and Techniques *
SP 800-4Mar 1992Computer Security Considerations in Federal Procurements: A Guide for Procurement Initiatiors, Contracting Officers, and Computer Security *
  Withdrawn: Oct 2003
  Superceded By: SP 800-64
SP 800-3Nov 1991Establishing a Computer Security Incident Response Capability (CSIRC) *
  Withdrawn: Jan 2004
  Superceded By: SP 800 61
SP 800-2Apr 1991Public-Key Cryptography *
SP 500 189Sep 1991Security in ISDN *
SP 500 174Oct 1989Guide for Selecting Automated Risk Analysis Tools *
SP 500 172Nov 1989Computer Security Training Guidelines *
  Withdrawn: Apr 1998
  Superceded By: SP 800 16 Information Technology Security Training Requirements: A Role- and Performance- Based Model
SP 500 1711989Computer Users' Guide to the Protection of Information Resources *
SP 500 1701989Management Guide to the Protection of Information Resources *
SP 500 1691989Executive Guide to the Protection of Information Resources *
SP 500 166Aug 1989Computer Viruses and Related Threats: A Management Guide *
SP 500 158Aug 1988Accuracy, Integrity, and Security in Computerized Vote-Tallying *
sP 500 157Sep 1988Smart Card Technology: New Methods for Computer Access Control *
SP 500 156May 1988Message Authentication Code (MAC) Validation System: Requirements and Procedures *
SP 500 153Apr 1988Guide to Auditing for Controls and Security: A System Development Life Cycle Approach *
SP 500 134Nov 1985Guide on Selecting ADP Backup Process Alternatives *
SP 500 133Oct 1985Technology Assessment: Methods for Measuring the Level of Computer Security *
SP 500 120Jan 1985Security of Personal Computer Systems - A Management Guide *
SP 500 61Aug 1980Maintenance Testing for the Data Encryption Standard *
Back to Top