The National Institute of Standards and Technology announces the publication of Special Publication (SP) 800-57 Part 2 Revision 1, Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations. It provides guidance on how organizations should manage cryptographic keys in accordance with federal key management policies and best practices described in SP 800-57 Part 1, Recommendation for Key Management, Part 1: General.
NIST said this revision is consistent with the Cybersecurity Enhancement Act of 2014 and provides direct cybersecurity support for private sector key management as well as government-focused guidance consistent with OMB Circular A-130.
Additionally, the document introduces a more comprehensive set of key management concepts, broadens the applicability of its recommendations, and provides explanatory material that applies to both centralized and decentralized key management structures.
Supersedes: SP 800-57 Part 2 (August 2005)