Short URL: https://csrc.nist.rip/projects/cmvp/sp800-140d
The following information is referenced from Section 6.2, Sensitive security parameter generation and establishment methods, of NIST SP 800-140Dr2.
Transitions | Symmetric Key Gen. | Key-Based Key Derivation
Password-Based Key Deriv. | Asymmetric Key-Pair Gen.
Key Agreement | Key Agreement Key Deriv. | Protocol-Suite Key Deriv.
Key Transport | Entropy Source | DRBG | Other SSPEM | Change Log
Barker EB, Roginsky AL (2019) Transitioning the Use of Cryptographic Algorithms and Key Lengths. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-131A, Rev. 2. https://doi.org/10.6028/NIST.SP.800-131Ar2
Barker EB, Roginsky AL, Davis R (2020) Recommendation for Cryptographic Key Generation. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-133, Rev. 2. https://doi.org/10.6028/NIST.SP.800-133r2
Chen L (2009) Recommendation for Key Derivation Using Pseudorandom Functions (Revised). (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-108, Revised. https://doi.org/10.6028/NIST.SP.800-108
Chen L (2022) Recommendation for Key Derivation Using Pseudorandom Functions. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-108 r1. https://doi.org/10.6028/NIST.SP.800-108r1
Sönmez Turan M, Barker EB, Burr WE, Chen L (2010) Recommendation for Password-Based Key Derivation: Part 1: Storage Applications. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-132. https://doi.org/10.6028/NIST.SP.800-132
National Institute of Standards and Technology (2013) Digital Signature Standard (DSS). (U.S. Department of Commerce, Washington, DC), Federal Information Processing Standards Publication (FIPS) 186-4. https://doi.org/10.6028/NIST.FIPS.186-4
National Institute of Standards and Technology (2023) Digital Signature Standard (DSS). (U.S. Department of Commerce, Washington, DC), Federal Information Processing Standards Publication (FIPS) 186-5. https://doi.org/10.6028/NIST.FIPS.186-5
Cooper DA, Apon DC, Dang QH, Davidson MS, Dworkin MJ, Miller CA (2020) Recommendation for Stateful Hash-Based Signature Schemes. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-208. https://doi.org/10.6028/NIST.SP.800-208
Note. For the purposes of SSP generation and establishment methods, the standards referenced in this section are only used to define the domain parameters and/or the (private, public) key-pair generation methods.
Note. The key agreement references in Section 6.2.6 also include additional asymmetric key-pair generation methods.
Barker EB, Chen L, Roginsky AL, Vassilev A, Davis R (2018) Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-56A, Rev. 3. https://doi.org/10.6028/NIST.SP.800-56Ar3
Barker EB, Chen L, Roginsky AL, Vassilev A, Davis R, Simon S (2019) Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-56B, Rev. 2. https://doi.org/10.6028/NIST.SP.800-56Br2
Barker EB, Chen L, Davis R (2020) Recommendation for Key-Derivation Methods in Key-Establishment Schemes. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-56C, Rev. 2. https://doi.org/10.6028/NIST.SP.800-56Cr2
Dang QH (2011) Recommendation for Existing Application-Specific Key Derivation Functions. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-135, Rev. 1. https://doi.org/10.6028/NIST.SP.800-135r
The Transport Layer Security (TLS) Protocol Version 1.3, Section 7.1. (Internet Engineering Task Force, Fremont, CA), RFC 8446, August 2018. https://tools.ietf.org/html/rfc8446#section-7.1
Dworkin MJ (2012) Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-38F. https://doi.org/10.6028/NIST.SP.800-38F
Barker EB, Chen L, Roginsky AL, Vassilev A, Davis R, Simon S (2019) Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-56B, Rev. 2. https://doi.org/10.6028/NIST.SP.800-56Br2
Sönmez Turan M, Barker EB, Kelsey JM, McKay KA, Baish ML, Boyle M (2018) Recommendation for Entropy Sources Used for Random Number Generation. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-90B. https://doi.org/10.6028/NIST.SP.800-90B
Barker EB, Kelsey JM (2015) Recommendation for Random Number Generation Using Deterministic Random Bit Generators. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-90A, Rev. 1. https://doi.org/10.6028/NIST.SP.800-90Ar1
Sensitive security parameter establishment methods allowed in the approved mode with appropriate restrictions are listed in FIPS 140-3 Implementation Guidance Section D.A.
Date | Section | Change |
---|---|---|
8/17/23 | 6.2.6 Key Agreement | Removed: SP 800-89 |
7/25/23 | 6.2.3 Key-Based Key Derivation | Added: SP 800-108 Revision 1, August 2022 |
7/25/23 | 6.2.5 Asymmetric Key-Pair Generation |
Added: FIPS 186-5 and SP 800-186, February 2023 Added: SP 800-208, October 2020 |
7/25/23 | 6.2.6 Key Agreement | Added: SP 800-89, November 2006 |
5/20/22 | 6.2 Sensitive security parameter generation and establishment methods |
Added/Modified: Security function subsection headers. |
5/20/22 | 6.2.2 Symmetric Key Generation |
Added: SP 800-133 Revision 2, June 2020 Removed: SP 800-133 Revision 1, July 2019 |
5/20/22 | 6.2.7 Key Agreement Key Derivation |
Added: SP 800-56C Revision 2, August 2020 Removed: SP 800-56C Revision 1, April 2018 |
5/20/22 | 6.2.8 Protocol-Suite Key Derivation | Added: RFC 8446, Section 7.1, August 2018 |
5/20/22 | 6.2.12 Other sensitive security parameter establishment methods |
Added: FIPS 140-3 Implementation Guidance Section D.A
|
Security and Privacy: cryptography, testing & validation
Technologies: hardware, software & firmware