Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Recommendation for Existing Application-Specific Key Derivation Functions



Quynh H. Dang


[Superseded by NIST SP 800-135 Rev. 1, "Recommendation for Existing Application-Specific Key Derivation Functions" (December 2011),] Cryptographic keys are vital to the security of internet security applications and protocols. Many widely-used internet security protocols have their own application-specific Key Derivation Functions (KDFs) that are used to generate the cryptographic keys required for their cryptographic functions. This Recommendation provides security requirements for those KDFs.
Special Publication (NIST SP) - 800-135
Report Number


Cryptographic key, shared secret, Diffie-Hellman (DH) key exchange, hash function, Key Derivation Function (KDF), Hash-based Key Derivation Function, Randomness Extraction, Key Expansion, Pseudorandom Function (PRF), HMAC, ANS X9.42-2001, ANS X9.63-2001, IKE, SSH, TLS, SRTP, SNMP, TPM


Dang, Q. (2010), Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 13, 2024)
Created December 23, 2010, Updated November 10, 2018