Recommendation for Key-Derivation Methods in Key-Establishment Schemes

FINAL Released April 2018 This Recommendation specifies techniques for the derivation of keying material from a shared secret established during a key-establishment scheme defined in NIST SPs 800-56A or 800-56B. The first category consists of a family of one-step key-derivation functions, which derive keying material of a desired length from a shared secret generated during the execution of a key-establishment scheme (and possibly other information as well). The second category consists of an extraction-then-expansion key-derivation procedure, which involves two steps: 1) Randomness extraction, to obtain a single cryptographic key-derivation key from a shared secret generated during the execution of a key-establishment scheme, and 2) Key expansion, to derive keying material of the desired length from that key-derivation key and other information. Since NIST's [SP 800-108] specifies several families of key-derivation functions that are approved for deriving additional keying material from a given cryptographic key-derivation key, those functions are employed in the second (key-expansion) step of these two-step procedures. In addition to the key-derivation methods whose specifications are provided in this document, [SP 800-135] describes several variants (of both the one-step and two-step methods) that are approved for specific applications. A full copy of all the pertinent cybersecurity standards is available on DVD-ROM in the CyberSecurity Standards Library disc which is available at Amazon.com. NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems NIST SP 1800-7 Situational Awareness for Electric Utilities NISTIR 7628 Guidelines for Smart Grid Cybersecurity DoD Energy Manager's Handbook FEMP Operations & Maintenance Best Practices UFC 4-020-01 DoD Security Engineering Facilities Planning Manual UFC 4-021-02 Electronic Security Systems GSA GSA Courtroom Technology Manual Draft NISTIR 8179 Criticality Analysis Process Model NISTIR 8144 Assessing Threats to Mobile Devices & Infrastructure NISTIR 8151 Dramatically Reducing Software Vulnerabilities NIST SP 800-183 Networks of 'Things' NIST SP 800-184 Guide for Cybersecurity Event Recovery UFC 4-021-02 Electronic Security Systems by Department of Defense FC 4-141-05N Navy and Marine Corps Industrial Control Systems Monitoring Stations UFC 4-010-01 DoD Minimum Antiterrorism Standards for Buildings UFC 4-020-01 DoD Security Engineering Facilities Planning Manual UFC 3-430-08N Central Heating Plant UFC 3-410-01 Heating, Ventilating, and Air Conditioning Systems UFC 3-810-01N Navy and Marine Corps Environmental Engineering for Facility Construction UFC 3-730-01 Programming Cost Estimates for Military Construction UFC 1-200-02 High-Performance and Sustainable Building Requirements UFC 3-301-01 Structural Engineering UFC 3-430-02FA Central Steam Boiler Plants UFC 3-430-11 Boiler Control Systems