Best Practices for Key Management Organizations: NIST Publishes SP 800-57 Part 2 Rev. 1


NIST announces the publication of Special Publication (SP) 800-57 Part 2 Revision 1, Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations. It provides guidance on how organizations should manage cryptographic keys in accordance with federal key management policies and best practices described in SP 800-57 Part 1, Recommendation for Key Management, Part 1: General.

This revision is consistent with the Cybersecurity Enhancement Act of 2014 and provides direct cybersecurity support for private sector key management as well as government-focused guidance consistent with OMB Circular A-130. Additionally, the document introduces a more comprehensive set of key management concepts, broadens the applicability of its recommendations, and provides explanatory material that applies to both centralized and decentralized key management structures.

Publication details:

CSRC Update: