Email this Article Email   

CHIPS Articles: NIST Invites Comments on Draft Recommendation for Cryptographic Key Management

NIST Invites Comments on Draft Recommendation for Cryptographic Key Management
By CHIPS Magazine - October 10, 2019
The National Institute of Standards and Technology Special Publication (SP) 800-57 Part 1 Revision 5, Recommendation for Key Management: Part 1 – General provides general guidance and best practices for the management of cryptographic keying material.

Among other changes, NIST announced this revision emphasizes the protection needed for the metadata associated with keys and includes discussions on access control, identity authentication; inventory management for keys and certificates; provides guidance consistent with – Federal Information Processing Standards (FIPS) Publication 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, and – SP 800-63, Digital Identity Guidelines.

Appendix C contains a complete list of changes.

The draft recommendation consists of three parts.

Part 1 provides general guidance and best practices for management of cryptographic keying material, including:

  1. definitions of the security services that may be provided when using cryptography and the algorithms and key types that may be employed;
  2. specifications of the protection that each type of key and other cryptographic information requires and methods for providing this protection;
  3. discussions about the functions involved in key management; and
  4. discussions about a variety of key-management issues to be addressed when using cryptography.

Part 2 provides guidance on policy and security planning requirements for U.S. Government agencies.

Part 3 provides guidance when using the cryptographic features of current systems.

Publication details:

The public comment period for the draft is open through Dec. 6, 2019. Please email comments to:

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer