
2020.03.25

NIST SP 800-56C Rev. 2(Draft) Recommendation for Key-Derivation Methods in Key-Establishment Schemes

Hello, this is Mitsuhiko Maruyama.

NIST is requesting comments on SP 800-56C Rev. 2 (Draft) Recommendation for Key-Derivation Methods in Key-Establishment Schemes...

NIST ITL

・2020.03.24 SP 800-56C Rev. 2(Draft) Recommendation for Key-Derivation Methods in Key-Establishment Schemes

・[PDF] SP 800-56C Rev. 2 (Draft) (DOI)

 

[Reference] Existing documents

SP 800-56A Rev. 3 Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography [PDF] Final 2018.04.16
SP 800-56B Rev. 2 Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography [PDF] Final 2019.03.21
SP 800-56C Rev. 1 Recommendation for Key-Derivation Methods in Key-Establishment Schemes [PDF] Final 2018.04.16

 

Announcement

NIST requests comments on Special Publication (SP) 800-56C Revision 2, Recommendation for Key-Derivation Methods in Key-Establishment Schemes, which describes two categories of key-derivation methods that can be used during a key-establishment scheme as defined in SP 800-56A or SP 800-56B. The keying material derived using these methods shall be computed in its entirety before outputting any portion of it and shall only be used as secret keying material. This revision permits the use of “hybrid” shared secrets, and a newly added section specifies the conditions under which multiple instances of key expansion can be performed using a single key-derivation key obtained via randomness extraction.

 

Abstract

This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key-establishment scheme defined in NIST Special Publications 800-56A or 800-56B.

 

Table of Contents

1 Introduction

2 Scope and Purpose

3 Definitions, Symbols and Abbreviations

3.1 Definitions
3.2 Symbols and Abbreviations

4 One-Step Key Derivation

4.1 Specification of Key-Derivation Functions
4.2 The Auxiliary Function H(x) and Related Parameters

5 Two-Step Key Derivation

5.1 Specification of Key-Derivation Procedure
5.2 The Auxiliary MAC Algorithm and Related Parameters
5.3 Randomness Extraction followed by Multiple Key Expansion

6 Application-Specific Key-Derivation Methods

7 Selecting Hash Functions and MAC Algorithms

8 Further Discussion 

8.1 Using a Truncated Hash Function
8.2 The Choice of a Salt Value
8.3 MAC Algorithms used for Extraction and Expansion
8.4 Destruction of Sensitive Locally Stored Data

References

Appendix A: Revisions (Informative)

A.1 The Original Version of SP 800-56C
A.2 Revision 1
A.3 Revision 2
