U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

SP 800-133 Rev. 1 (Draft)

Recommendation for Cryptographic Key Generation

Date Published: March 2019
Comments Due: May 8, 2019 (public comment period is CLOSED)
Email Questions to: SP-800-133_Comments@nist.gov


Elaine Barker (NIST), Allen Roginsky (NIST)


The draft revision discusses the generation of keys to be managed and used by approved cryptographic algorithms. This revision adds the Edwards-curve Digital Signature Algorithm (EdDSA) to the original list of digital signature algorithms as well as KMAC as an algorithm for generating a Message Authentication Code (MAC). EdDSA will also be proposed as an additional signature algorithm in a forthcoming revision of Federal Information Processing Standard (FIPS) 186, Digital Signature Standard (DSS). KMAC is specified in SP 800-185, Recommendation for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters. Additional changes are listed in the final appendix of SP 800-133 Rev. 1.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



asymmetric key; key agreement; key derivation; key generation; key wrapping; key replacement; key transport; private key; public key; symmetric key
Control Families

None selected


SP 800-133 Rev. 1 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
03/06/19: SP 800-133 Rev. 1 (Draft)
07/23/19: SP 800-133 Rev. 1


Security and Privacy
key management