NIST has published an updated version of their key derivation standard, SP 800-108 Revision 1. This standard specifies how to generate additional cryptographic keys from a single secret key using pseudorandom functions.
The main changes in this revision are:
1. Adding a new key-derivation function based on the Keccak cryptographic hash function
2. Discussing key-control issues when using the CMAC pseudorandom function
3. Providing methods to prevent a single party from controlling the derived key block
The standard is intended to help secure key management in cryptographic systems by providing a standardized way to generate multiple keys from a single secret key. This can improve security by reducing the number of keys that need to be securely stored and managed.
The revision is based on the original 2008 edition of SP 800-108, which used HMAC and CMAC as pseudorandom functions. The updated standard is now available for use in secure key management systems.
Keywords: Key: Key Derivation, Pseudorandom Functions, Key-derivation Functions, HMAC, CMAC, KMAC, Key-control, Key Block
