Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Recommendation for Existing Application-Specific Key Derivation Functions



Quynh H. Dang


Cryptographic keys are vital to the security of internet security applications and protocols. Many widely-used internet security protocols have their own application-specific Key Derivation Functions (KDFs) that are used to generate the cryptographic keys required for their cryptographic functions. This Recommendation provides security requirements for those KDFs. [Supersedes SP 800-135 (December 2010):]
Special Publication (NIST SP) - 800-135 Rev 1
Report Number
800-135 Rev 1


Cryptographic key, shared secret, Diffie-Hellman (DH) key exchange, hash function, Key Derivation Function (KDF), Hash-based Key Derivation Function, Randomness Extraction, Key expansion, Pseudorandom Function (PRF), HMAC, ANS X9.42-2001, ANS X9.63-2001, IKE, SSH, TLS, SRTP, SNMP, TPM


Dang, Q. (2011), Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 26, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created December 23, 2011, Updated November 10, 2018