The National Institute of Standards and Technology (NIST) updated Special Publication (SP) 800-57 Part 1, Revision 5, for guidance and best practices managing cryptographic keying material.
The SP includes “definitions of the security services that may be provided when using cryptography and the algorithms and key types that may be employed, specifications of the protection that each type of key and other cryptographic information requires and methods for providing this protection, discussions about the functions involved in key management, and discussions about a variety of key-management issues to be addressed when using cryptography.”
Other changes within the revision include:
- Emphasizing protection for metadata associated with keys;
- Discussions on access control, identity authentication, and inventory management for keys and certificates; and
- Guidance remaining consistent with Federal Information Processing Standards Publication 201 and SP 800-63-3.