NIST has released a new document, Special Publication 800-133, which provides guidance on generating cryptographic keys used in secure data transmission and storage of sensitive information. This document is part of a series of publications concerning cryptographic key management, including SP 800-57 (parts 1, 2, and 3), SP 800-130, SP 800-152, and FIPS 186 Digital Signature Standard.
Cryptographic keys are essential for protecting sensitive electronic information, acting like a “password” for algorithms providing confidentiality and integrity protection. The publication primarily offers high-level guidance, referring readers to other documents for detailed instructions on generating various types of keys. However, it does provide specific details for one type of key generation – those used in symmetric-key algorithms.
Symmetric-key algorithms utilize the same key for both encrypting and decrypting data, requiring that keys remain secret. These algorithms are generally faster and are used to protect sensitive information, including other keys. Asymmetric-key algorithms, in contrast, employ two keys – a public key known to anyone and a private key maintained in secrecy. These algorithms are slower and are typically used for single operations such as generating digital signatures or encrypting keys for later use with symmetric-key algorithms.
Keywords: Cryptographic, Key management, Symmetric-key
