U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

SP 800-57 Part 1 Rev. 5 (Draft)

Recommendation for Key Management: Part 1 – General

Date Published: October 2019
Comments Due: December 6, 2019 (public comment period is CLOSED)
Email Questions to: keymanagement@nist.gov

Author(s)

Elaine Barker (NIST)

Announcement

This document provides general guidance and best practices for the management of cryptographic keying material. Among other changes, this revision emphasizes the protection needed for the metadata associated with keys; includes discussions on access control, identity authentication, and inventory management for keys and certificates; and provides guidance consistent with Federal Information Processing Standards (FIPS) Publication 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, and SP 800-63, Digital Identity Guidelines. Appendix C contains a complete list of changes.

NOTE: A call for patent claims is included on page iv of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

archive; assurances; authentication; authorization; availability; backup; compromise; confidentiality; cryptanalysis; cryptographic key; cryptographic module; digital signature; hash function; key agreement; key information; key-inventory management; key management; key management policy; key recovery; key transport; originator-usage period; private key; public key; recipient-usage period; secret key; split knowledge; trust anchor
Control Families

Access Control; Audit and Accountability; Contingency Planning; Media Protection; Planning; System and Communications Protection; System and Information Integrity

Documentation

Publication:
SP 800-57 Part 1 Rev. 5 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
10/08/19: SP 800-57 Part 1 Rev. 5 (Draft)
05/04/20: SP 800-57 Part 1 Rev. 5 (Final)