Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations

Published

Author(s)

Elaine B. Barker, William C. Barker

Abstract

NIST Special Publication (SP) 800-57 provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material. Part 2 provides guidance on policy and security planning requirements. Finally, Part 3 provides guidance when using the cryptographic features of current systems. Part 2 (this document) 1) identifies the concepts, functions and elements common to effective systems for the management of symmetric and asymmetric keys; 2) identifies the security planning requirements and documentation necessary for effective institutional key management; 3) describes Key Management Specification requirements; 4) describes cryptographic Key Management Policy documentation that is needed by organizations that use cryptography; and 5) describes Key Management Practice Statement requirements. Appendices provide examples of some key management infrastructures and supplemental documentation and planning materials.
Citation
Special Publication (NIST SP) - 800-57pt2r1
Report Number
800-57pt2r1

Keywords

authentication, authorization, availability, backup, certification authority, compromise, confidentiality, cryptographic key, cryptographic module, digital signatures, encryption, integrity, inventory management, key information, key management, cryptographic key management policy, key recovery, private key, public key, public key infrastructure, security plan, symmetric key

Citation

Barker, E. and Barker, W. (2019), Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-57pt2r1 (Accessed October 13, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created May 23, 2019, Updated May 29, 2019