Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NIST to Revise SP 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications
NIST has decided to revise SP 800-132, "Recommendation for Password-Based Key Derivation – Part 1: Storage Applications." Read this announcement for more details.
In January 2023, NIST's Crypto Publication Review Board initiated a review process for NIST Special Publication (SP) 800-132, Recommendation for Password-Based Key Derivation – Part 1: Storage Applications (December 2010).
In March 2023, NIST proposed revising SP 800-132, in response to the public comments received.
NIST has decided to revise SP 800-132 to
- approve an additional memory-hard password-based key derivation function and password hashing scheme, and
- provide additional guidelines and clarifications on the use of PBKDF2.
The effort to revise SP 800-132 will follow the typical process of posting a draft for public comment, although draft preparation has not yet started.
Monitor progress on CSRC News and CSRC Publications and by subscribing to email updates.