NIST Publishes Cryptographic Key Generation GuideSP 800-133 Cites Documents Containing Key Generation Specs
The National Institute of Standards and Technology has published new guidance on generating cryptographic keys to help organizations protect their data with secure keys no matter the type of algorithm they choose.
NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation, offers guidance on generating the cryptographic keys that are needed to employ algorithms that provide confidentiality and integrity protection for data.
Protecting sensitive data requires different types of cryptographic algorithms, depending on the situation, but ultimately they all depend on keys, the cryptographic equivalent of a password. Even if adversaries know which algorithm an organization employs, they cannot gain access to the data unless they also have the proper key. NIST says SP 800-133 will help organizations find the specific information on how to generate these keys successfully.
NIST says SP 800-133 is primarily a high-level document that refers readers to other documents that contain details on generating the various types of keys. But it offers specific details for one type of key generation: the keys used in symmetric-key algorithms, in which the same key is used, for example, to encrypt and decrypt data. Symmetric-key algorithms operate quickly, and the keys must be kept secret. Organizations use these algorithms to protect sensitive information, including other keys, for which the algorithm is iterated as many times as needed to protect the information.
When it doesn't provide specific guidance, such as for asymmetric-key algorithms, SP 800-133 references other guides that contain the key generation specifications.