Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography
The National Institute of Standards and Technology (NIST) provides cryptographic key management guidance. Many U.S. Government information technology systems rely on strong cryptographic schemes to protect the integrity and confidentiality of the data they process. The use of common algorithms as defined by Federal Information Processing Standards (FIPS) requires the establishment of secret keying material that is shared in advance. As the number of entities using a system grows, so too does the work involved in distributing the secret keying materials. It is therefore essential to support cryptographic algorithms with automated key-establishment schemes.
NIST announces the publication of Special Publication (SP) 800-56B Revision 2, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, which specifies key-transport and key-agreement schemes using the RSA cryptographic algorithm. This revision approves additional key sizes for key establishment, removes provisions for using the Triple Data Encryption Algorithm (TDEA), and removes the KTS-KEM-KWS key-transport scheme that was included in previous versions of this recommendation. Additionally, the key-derivation methods required for the key-agreement schemes have been moved to SP 800-56C Revision 1, Recommendation for Key-Derivation Methods in Key-Establishment Schemes.
Transitioning the Use of Cryptographic Algorithms and Key Lengths (SP 800-131A Rev. 2)
NIST provides cryptographic key management guidance for defining and implementing appropriate key management procedures, using algorithms that adequately protect sensitive information, and planning ahead for possible changes in the use of cryptography because of algorithm breaks or the availability of more powerful computing techniques. NIST Special Publication (SP) 800-57, Part 1, Recommendation for Key Management: General, includes a general approach for transitioning from one algorithm or key length to another. This Recommendation (SP 800-131A) provides more specific guidance for transitions to the use of stronger cryptographic keys and more robust algorithms.