Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-133 Rev. 1 (DRAFT)

Recommendation for Cryptographic Key Generation

Date Published: March 2019
Comments Due: May 8, 2019 (public comment period is CLOSED)
Email Questions to: SP-800-133_Comments@nist.gov

Author(s)

Elaine Barker (NIST), Allen Roginsky (NIST)

Announcement

The draft revision discusses the generation of keys to be managed and used by approved cryptographic algorithms. This revision adds the Edwards-curve Digital Signature Algorithm (EdDSA) to the original list of digital signature algorithms as well as KMAC as an algorithm for generating a Message Authentication Code (MAC). EdDSA will also be proposed as an additional signature algorithm in a forthcoming revision of Federal Information Processing Standard (FIPS) 186, Digital Signature Standard (DSS). KMAC is specified in SP 800-185, Recommendation for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters. Additional changes are listed in the final appendix of SP 800-133 Rev. 1.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

asymmetric key; key agreement; key derivation; key generation; key wrapping; key replacement; key transport; private key; public key; symmetric key
Control Families

None selected

Documentation

Publication:
SP 800-133 Rev. 1 (DRAFT) (DOI)
Local Download

Supplemental Material:
None available

Topics

Security and Privacy
key management