U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

This is an archive
(replace .gov by .rip)

SP 800-108 Rev. 1 (Draft)

Recommendation for Key Derivation Using Pseudorandom Functions

Date Published: October 18, 2021
Comments Due: January 18, 2022
Email Comments to: sp800-108-comments@nist.gov


Lily Chen (NIST)


This document specifies families of key derivation functions for deriving additional keys from existing cryptographic keys.

This revision specifies key derivation functions using Keccak-based message authentication codes (KMAC) in addition to key derivation functions using keyed-hash message authentication codes (HMAC) and cipher-based message authentication codes (CMAC).

NOTE:  A call for patent claims is included on page iii of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



CMAC; HMAC; key derivation; KMAC; pseudorandom function
Control Families

None selected


SP 800-108 Rev. 1 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
10/18/21: SP 800-108 Rev. 1 (Draft)


Security and Privacy
key management; random number generation