Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

At the start of the 21 century, the National Institute of Standards and Technology (NIST) began the task of providing cryptographic key management guidance, which includes defining and implementing appropriate key management procedures, using algorithms that adequately protect sensitive information, and planning ahead for possible changes in the use of cryptography because of algorithm breaks or the availability of more powerful computing techniques. NIST Special Publication (SP) 800-57, Part 1 was the first document produced in this effort, and includes a general approach for transitioning from one algorithm or key length to another. This Recommendation (SP 800-131A) provides more specific guidance for transitions to the use of stronger cryptographic keys and more robust algorithms.

[1]  Morris J. Dworkin,et al.  Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping , 2012 .

[2]  Elaine B. Barker,et al.  Recommendation for Random Number Generation Using Deterministic Random Bit Generators , 2007 .

[3]  William C. Barker,et al.  TECHNOLOGY ADMINISTRATION , 2004 .

[4]  Elaine B. Barker,et al.  SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) , 2007 .

[5]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[6]  Paul C. van Oorschot,et al.  A Known Plaintext Attack on Two-Key Triple Encryption , 1991, EUROCRYPT.

[7]  Arjen K. Lenstra,et al.  Factorization of a 768-Bit RSA Modulus , 2010, CRYPTO.

[8]  Lidong Chen,et al.  Recommendation for Key Derivation Using Pseudorandom Functions (Revised) , 2009 .

[9]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[10]  Morris J. Dworkin,et al.  SP 800-38B. Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication , 2005 .

[11]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[12]  Elaine B. Barker,et al.  Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography , 2007 .

[13]  David A. Cooper,et al.  Guidelines for the selection, configuration, and use of Transport Layer Security (TLS) implementations , 2005 .

[14]  Morris Dworkin,et al.  Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2003 .

[15]  Quynh H. Dang SP 800-107. Recommendation for Applications Using Approved Hash Algorithms , 2009 .