Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Key Management Workshop 2014

NIST conducted a two-day Key Management Workshop on March 4-5, 2014. The workshop was held to discuss a draft of NIST Special Publication (SP) 800-152 ("A Profile for U.S. Federal CKMS") that was made available for public comment prior to the workshop. This draft was based on the requirements in SP 800-130 ("A Framework for Designing Cryptographic Key Management Systems"), but extended beyond SP 800-130 to establish specific requirements for Federal organizations desiring to use or operate a CKMS, either directly or under contract; recommended augmentations to these requirements for those Federal CKMSs requiring additional security; and suggested additional features for consideration. This draft of the Profile addressed the topics included in SP 800-130, and also included discussions on CKMS testing, procurement, installation, administration, operation, maintenance and use.

While the Profile is intended for use by the U.S. Federal government, it may also be used by other public or private sectors as a model for the development of their own profile. 

Input from the workshop participants was solicited regarding the utility and feasibility of these requirements, recommended augmentations and suggested features. This input, along with comments received during the public comment period were incorporated into the next version of SP 800-152.

RelatedCryptographic Key Management Project

Reference Documentation: Printed copies of NIST SP 800-152 were not available at the workshop.

Preliminary Agenda
Printable Agenda

Presentations are linked via sessions (below)

Tuesday, March 4, 2014
(times were adjusted to accommodate NIST's delayed opening)

New Start Time 10:30am - 10:45am

Welcome and administrative information
Elaine Barker, NIST

10:45am - 11:00am

SESSION 1: Introduction
(Sections 1-3) – Dennis Branstad

  • Cryptographic Key Management Project Overview
  • Profile Introduction, Scope, Goals, Audience
  • Framework Requirements (FRs), Profile Requirements (PRs), Profile Augmentations (PAs) and Profile Features (PFs)
  • Terminology
  • Framework and Profile Documents (Structure, Differences)
  • Questions/Comments
11:00am - 12:15pm

SESSION 2: Basic Concepts, Security Policies and Roles
(Sections 4 & 5) – Elaine Barker and Dennis Branstad

  • FCKMS Modules
  • Security Policies
  • Security Domains
  • Roles
  • Questions/Comments
12:15pm - 1:05pm


1:05pm - 3:00pm

SESSION 3: Secure Architectures
(Sections 6 and 10) - Miles Smid

  • Key and Metadata Protection and Management Functions
  • Access Control
  • Compromise Recovery
  • Disaster Recovery
  • Possible Network Configurations
  • Questions/Comments
3:00pm - 3:30pm


3:30pm - 5:00pm

SESSION 4: Spectrum of Applications
Elaine Barker and others



Wednesday, March 5, 2014

9:00am - 10:30am

SESSION 5: Measures and Security Controls
(Sections 6 and 8) – Elaine Barker and Ron Ross

10:30am- 11:00am


11:00am - 12:30pm

SESSION 6: Testing, Evaluation, and Validation
(Sections 9 and 11) – Dennis Branstad, Ron Ross, Miles Smid, Elaine Barker

  • Types of Testing 
  • Maintenance
  • FIPS 199, FIPS 200, and SP 800-53
  • Assessment (Ron Ross) (Miles Smid)
  • Validation
  • Questions/Comments
12:30pm - 1:30pm


1:30pm - 3:00pm

SESSION 7: Interoperability and Transitioning
(Section 7) - Elaine Barker

  • Interoperability Defaults and Recommendations
  • Transitioning
  • Questions/Comments
3:00pm - 3:30pm


3:30pm - 5:00pm

SESSION 8: Comments and Feedback
Elaine Barker 

  • Presentation and Discussion of Comments Received to Date – Elaine Barker, Dennis Branstad, Miles Smid
  • Outstanding Unresolved Issues
  • Test Cases
  • Where do we go from here?
  • Wrap-up



Created September 24, 2013, Updated June 26, 2017