Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST to Revise SP 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications
May 11, 2023

In January 2023, NIST's Crypto Publication Review Board initiated a review process for NIST Special Publication (SP) 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications(December 2010).

In March 2023, NIST proposed revising SP 800-132, in response to the public comments received.

NIST has decided to revise SP 800-132 to

  1. approve an additional memory-hard password-based key derivation function and password hashing scheme, and
  2. provide additional guidelines and clarifications on the use of PBKDF2.

The effort to revise SP 800-132 will follow the typical process of posting a draft for public comment, although draft preparation has not yet started.

Monitor progress on CSRC News and CSRC Publications and by subscribing to email updates.

Related Topics

Security and Privacy: key management

Created May 10, 2023, Updated May 11, 2023