Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-56C Rev. 2 (Initial Public Draft)

Recommendation for Key-Derivation Methods in Key-Establishment Schemes

Date Published: March 2020
Comments Due: May 15, 2020 (public comment period is CLOSED)
Email Questions to:


Elaine Barker (NIST), Lily Chen (NIST), Richard Davis (NSA)


NIST requests comments on Special Publication (SP) 800-56C Revision 2, Recommendation for Key-Derivation Methods in Key-Establishment Schemes, which describes two categories of key-derivation methods that can be used during a key-establishment scheme as defined in SP 800-56A or SP 800-56B. The keying material derived using these methods shall be computed in its entirety before outputting any portion of it and shall only be used as secret keying material. This revision permits the use of “hybrid” shared secrets, and a newly added section specifies the conditions under which multiple instances of key expansion can be performed using a single key-derivation key obtained via randomness extraction.

NOTE: A call for patent claims is included on page iv of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



expansion; extraction; extraction-then-expansion; hash function; key derivation; key establishment; message authentication code
Control Families

System and Communications Protection


Download URL

Supplemental Material:
Comments received on Draft SP 800-56C Rev. 2 (pdf)

Document History:
03/24/20: SP 800-56C Rev. 2 (Draft)
08/18/20: SP 800-56C Rev. 2 (Final)


Security and Privacy

key management