Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST to Revise SP 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications

NIST has decided to revise SP 800-132, "Recommendation for Password-Based Key Derivation – Part 1: Storage Applications." Read this announcement for more details.

In January 2023, NIST's Crypto Publication Review Board initiated a review process for NIST Special Publication (SP) 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications(December 2010).

In March 2023, NIST proposed revising SP 800-132, in response to the public comments received.

NIST has decided to revise SP 800-132 to

  1. approve an additional memory-hard password-based key derivation function and password hashing scheme, and
  2. provide additional guidelines and clarifications on the use of PBKDF2.

The effort to revise SP 800-132 will follow the typical process of posting a draft for public comment, although draft preparation has not yet started.

Monitor progress on CSRC News and CSRC Publications and by subscribing to email updates.

Released May 11, 2023, Updated February 3, 2025