Sunday, January 8, 2023

NIST Requests Comments on SP 800-132, Recommendation for Password-Based Key Derivation: Part 1: Storage Applications

NIST is in the process of a periodic review and maintenance of its cryptography standards and guidelines. 

Currently, we are reviewing the following publication: 

SP 800-132 specifies a family of password-based key derivation functions (PBKDFs) for deriving cryptographic keys from passwords or passphrases for the protection of electronically-stored data or for the protection of data protection keys. 

NIST requests feedback on all aspects of SP 800-132. Additionally, NIST would appreciate feedback on the industry need for new password-based standards, including memory-hard password-based key derivation functions and password hashing schemes. 

The public comment period is open through February 24, 2023. Send comments to cryptopubreviewboard@nist.gov with “Comments on SP 800-132” in the subject line. 

Comments received in response to this request will be posted on the Crypto Publication Review Project site after the due date. Submitters’ names and affiliations (when provided) will be included, while contact information will be removed. See the project site for additional information about the review process. 

Read More