Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Requests Public Comments on SP 800-132, Recommendation for Password-Based Key Derivation: Part 1: Storage Applications
January 06, 2023

NIST is in the process of a periodic review and maintenance of its cryptography standards and guidelines. 

Currently, we are reviewing the following publication: 

SP 800-132 specifies a family of password-based key derivation functions (PBKDFs) for deriving cryptographic keys from passwords or passphrases for the protection of electronically-stored data or for the protection of data protection keys. 

NIST requests feedback on all aspects of SP 800-132. Additionally, NIST would appreciate feedback on the industry need for new password-based standards, including memory-hard password-based key derivation functions and password hashing schemes. 

The public comment period is open through February 24, 2023. Send comments to with “Comments on SP 800-132” in the subject line. 

Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process. 

Parent Project

See: Crypto Publication Review Project

Related Topics

Security and Privacy: key management

Created January 06, 2023