Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Key Management

Key Establishment

The following publications specify methods for establishing cryptographic keys.


Symmetric Block Ciphers

  • SP 800-71, Key Establishment Using Symmetric Block Ciphers (DRAFT)
    • July 2, 2018:  NIST requests public comments on NIST SP 800-71.  Most current key management systems are based on public key cryptography. However, with the emergence of quantum computing technology—which can break many public key algorithms currently in use—symmetric key cryptography may offer alternatives for key establishment. Symmetric key cryptography is more computationally efficient than public key cryptography, and is commonly used to protect larger volumes of information, both in transit and storage. Given the limited guidance currently available on using symmetric key cryptography for key establishment, it seems prudent to describe such techniques and their security considerations.
      • ​​​​​​​Public comment period closes September 28, 2018.  Please email comments to

Pair-Wise Key Establishment Schemes

  • SP 800-56A Revision 3, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
  • SP 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography
    • July 10, 2018:  NIST seeks comments on Draft SP 800-56B Revision 2. Significant changes to the document are listed in "Notes to Reviewers” on page iii. A more detailed list of changes is provided in the final appendix.  Public comment period is open until October 5, 2018.  Send comments to

Key Derivation

  • SP 800-56C Revision 1, Recommendation for Key Derivation Methods in Key-Establishment Schemes
  • SP 800-108, Recommendation for Key Derivation Using Pseudorandom Functions

Key Generation

  • SP 800-133, Recommendation for Cryptographic Key Generation

Key Wrapping

  • SP 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping

Transitions for Key Derivation Functions

  • SP 800-135, Transitions: Recommendation for Existing Application-Specific Key Derivation Functions

Created January 04, 2017, Updated November 20, 2018