Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Recommendation for Cryptographic Key Generation: NIST Publishes SP 800-133 Revision 1

NIST has published Special Publication 800-133 Revision 1, "Recommendation for Cryptographic Key Generation."

Cryptography relies upon two basic components—an algorithm and a cryptographic key—to protect data in an information technology security environment. Such data is often sensitive, of high value, or vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. A wide variety of standards have therefore been developed to specify and approve cryptographic algorithms for use by the Federal Government.

NIST announces the publication of Special Publication (SP) 800-133 Revision 1, Recommendation for Cryptographic Key Generation, which discusses the generation of the keys to be managed and used by approved cryptographic algorithms. Guidance has been added regarding the handling of asymmetric key pairs after generation, as well as key-pair replacement or limiting the amount of information protected by a key pair in response to the compromise of a private key. This revision also includes clarifications and references to new publications not included in the original version, such as SP 800-71, Recommendation for Key Establishment Using Symmetric Block Ciphers, and the KMAC algorithm as specified in SP 800-185, SHA-3 Derived Functions. The final appendix contains a complete list of all changes and additions.

Released July 23, 2019, Updated August 27, 2019