NIST SP800-131A.pdf下载

At the beginning of the 21st century, the National Institute of Standards and Technology (NIST) began the task of providing cryptographic key management guidance. This included lessons learned over many years of dealing with key management issues, and is intended to encourage the definition and implementation of appropriate key management procedures, to use algorithms that adequately protect sensitive information, and to plan ahead for possible changes in the use of cryptography because of algorithm breaks or the availability of more powerful computing techniques. General key management guidance, including the general approach for transitioning from one algorithm or key length to another, is addressed in Part 1 of Special Publication (SP) 800-57 [SP 800-57]. This Recommendation (SP 800-131A) is intended to provide more detail about the transitions associated with the use of cryptography by Federal government agencies for the protection of sensitive, but unclassified information. The Recommendation addresses the use of algorithms and key lengths; the validation of cryptographic modules that utilize them is provided in [SP 800-131B]. The dates provided in SP 800-131A may differ from the dates originally provided in the 2005 version of [SP 800-57]. The revised dates provided herein attempt to deal with the realities associated with an orderly transition and are based on a better understanding of the risks associated with extending the dates in those cases where this was done. Note that an upper-date limit is not provided herein for many of the algorithms and key lengths discussed; that information is provided in [SP 800-57], and should be considered valid unless different guidance is provided in the future.