The National Institute of Standards and Technology provides cryptographic key management guidance for defining and implementing appropriate key management procedures, using algorithms that adequately protect sensitive information, according to a NIST release.
NIST is updating its guidance for transitioning to the use of stronger cryptographic keys and more robust algorithms for use by federal agencies to protect sensitive, but unclassified, information. These transitions are intended to address the challenges posed by new cryptanalysis, the advances in more powerful classical computing technology — and the eventual emergence of quantum computers.
NIST Special Publication (SP) 800-57, Part 1 includes an overall approach for transitioning from one algorithm or key length to another. This recommendation (SP 800-131A) provides more specific guidance for transitions to the use of stronger cryptographic keys and more robust algorithms.
Draft Special Publication (SP) 800-131A Revision 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths, is now available for public comment. This revision includes a strategy and schedule for retiring the use of the Triple Data Encryption Algorithm (TDEA). Other proposed changes are listed in Appendix B.
Publication: Draft SP 800-131A Rev. 2
Authors: Elaine Barker (NIST), Allen Roginsky (NIST)
Date published: July 2018
Comments due: September 7, 2018
Email comments to: CryptoTransitions@nist.gov