Functions used 1) to establish cryptographic keys, certificates and the information associated with them; 2) for the accounting of all keys and certificates; 3) for key storage and recovery; 4) for revocation and replacement (as needed); and 5) for key destruction.
Sources:
NIST SP 800-57 Part 2 Rev.1