Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Requests Public Comments on SP 800-132, Recommendation for Password-Based Key Derivation: Part 1: Storage Applications

NIST is currently reviewing SP 800-132, "Recommendation for Password-Based Key Derivation: Part 1: Storage Applications," (2010) and is requesting public feedback on all aspects of the publication by February 24, 2023.

NIST is in the process of a periodic review and maintenance of its cryptography standards and guidelines. 

Currently, we are reviewing the following publication: 

SP 800-132 specifies a family of password-based key derivation functions (PBKDFs) for deriving cryptographic keys from passwords or passphrases for the protection of electronically-stored data or for the protection of data protection keys. 

NIST requests feedback on all aspects of SP 800-132. Additionally, NIST would appreciate feedback on the industry need for new password-based standards, including memory-hard password-based key derivation functions and password hashing schemes. 

The public comment period is open through February 24, 2023. Send comments to cryptopubreviewboard [at] nist.gov (subject: Comments%20on%20SP%20800-132) (cryptopubreviewboard[at]nist[dot]gov) with “Comments on SP 800-132” in the subject line. 

Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process. 

Released January 6, 2023, Updated January 9, 2023