Recommendation for cryptographic key generation
Cryptography is often used in information technology security environments to protect sensitive, high-value data that might be compromised during transmission or while in storage. It relies upon two basic components: an algorithm (i.e., cryptographic methodology) and a cryptographic key. NIST has developed a wide variety of Federal Information Processing Standards (FIPS) and guidance to specify, approve, and manage cryptographic algorithms and keys for Federal Government use.
NIST invites comments on , Recommendation for Cryptographic Key Generation, which discusses the generation of keys to be managed and used by approved cryptographic algorithms. This revision adds the Edwards-curve Digital Signature Algorithm (EdDSA) to the original list of digital signature algorithms as well as KMAC as an algorithm for generating a Message Authentication Code (MAC). EdDSA will also be proposed as an additional signature algorithm in a forthcoming revision of Federal Information Processing Standard (FIPS) 186, Digital Signature Standard (DSS). KMAC is specified in SP 800-185, Recommendation for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters. Additional changes are listed in the final appendix of SP 800-133 Rev. 1.
A public comment period for is open until May 8, 2019.
A call for patent claims is included on page iv of this draft. For additional information, see the .
Provided by National Institute of Standards and Technology