Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

CAVP Testing: SP 800-108 Key Derivation Using Pseudorandom Functions - Key-Based (KBKDF)

Algorithm Specifications

Algorithm specifications for Key-Based KDFs (SP800-108) are available from the Cryptographic Toolkit.


Algorithm Validation Testing Requirements

The algorithm validation testing requirements for SP 800-108 are specified in: The SP800-108 Key Derivation Function Validation System (KBKDFVS).

Testing Notes

  • As of 1-1-2016, TDES KO2 encrypt is no longer compliant. (See SP800-131A Revision 1.)

Validation List

KDF Validation List


Test Vectors

Use of these test vectors does not replace validation obtained through the CAVP.

The test vectors linked below can be used to informally verify the correctness of the KBKDF algorithm listed above.

See the KBKDFVS document for an explanation of the files.

KDF in Counter Mode Test Vectors

KDF in Feedback Mode Test Vectors where no counter is used

KDF in Feedback Mode Test Vectors where zero length IV is allowed

KDF in Feedback Mode Test Vectors where zero length IV is not allowed

KDF in Double-Pipeline Iteration Mode Test Vectors where no counter is used

KDF in Double-Pipeline Iteration Mode Test Vectors where counter is used

Back to Top

Created October 05, 2016, Updated October 03, 2018