Best Practices for Key Management Organizations: NIST Publishes SP 800-57 Part 2 Rev. 1

NIST announces the publication of Special Publication (SP) 800-57 Part 2 Revision 1, Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations. It provides guidance on how organizations should manage cryptographic keys in accordance with federal key management policies and best practices described in SP 800-57 Part 1, Recommendation for Key Management, Part 1: General.

This revision is consistent with the Cybersecurity Enhancement Act of 2014 and provides direct cybersecurity support for private sector key management as well as government-focused guidance consistent with OMB Circular A-130. Additionally, the document introduces a more comprehensive set of key management concepts, broadens the applicability of its recommendations, and provides explanatory material that applies to both centralized and decentralized key management structures.

READ  NIST has withdrawn Special Publication (SP) 800-64 Revision 2, “Security Considerations in the System Development Life Cycle” (October 2008)

Publication details:

CSRC Update: 

NIST Computer Security Division (Attn: SP 800-57 Authors)
Notification Sent by: P. O’Reilly, NIST Computer Security Division