Date Published: December 5, 2025
Comments Due:
Email Comments to:
Author(s)
Elaine Barker (NIST), William Barker (NIST, Strativia)
Announcement
The initial draft of NIST SP 800-57 Part 1 Revision 6 is available for comment through February 5, 2026. Some of the proposed changes from Revision 5 include:
- Ascon, as specified in SP 800-232, and the new quantum-resistant algorithms specified in FIPS 203, 204, and 205 have been included.
- The keys used for both key establishment and key storage are now discussed separately.
- The security categories used in the PQC competition have been included, along with the quantum-resistant algorithms.
- The time frames for algorithm approval status have been removed and replaced with references to SP 800-131A.
- A section has been added to discuss keying material storage and mechanisms.
See Appendix F for a more complete list of changes.
This recommendation provides cryptographic key-management guidelines in three parts. Part 1 provides general guidelines and best practices for the management of cryptographic keying material, including definitions for the security services that may be provided when using cryptography and the algorithms and key types that may be employed, specifications for the protection that each type of key and other cryptographic information requires and methods for providing this protection, discussions about the functions involved in key management, and discussions about a variety of key-management issues to be addressed when using cryptography. Part 2 provides guidance on policy and security planning requirements for U.S. Government agencies. Part 3 provides guidelines for using the cryptographic features of current systems.
This recommendation provides cryptographic key-management guidelines in three parts. Part 1 provides general guidelines and best practices for the management of cryptographic keying material, including definitions for the security services that may be provided when using cryptography and the...
See full abstract
This recommendation provides cryptographic key-management guidelines in three parts. Part 1 provides general guidelines and best practices for the management of cryptographic keying material, including definitions for the security services that may be provided when using cryptography and the algorithms and key types that may be employed, specifications for the protection that each type of key and other cryptographic information requires and methods for providing this protection, discussions about the functions involved in key management, and discussions about a variety of key-management issues to be addressed when using cryptography. Part 2 provides guidance on policy and security planning requirements for U.S. Government agencies. Part 3 provides guidelines for using the cryptographic features of current systems.
Hide full abstract
Keywords
archive; authentication; authorization; availability; backup; compromise; confidentiality; cryptographic key; cryptographic module; digital signature; eXtendable-Output Function; hash function; hashing method; key agreement; key management; key recovery; keying material; key transport; private key; public key; quantum-resistant; secret key; security category; security strength; trust anchor
Control Families
None selected
