Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

https://www.nist.gov/news-events/events/2012/09/cryptographic-key-management-workshop-2012

[画像:National Institute of Standards and Technology]

Cryptographic Key Management Workshop 2012

NIST conducted a two-day Key Management Workshop on September 10-11. The subject of the workshop was the technical and administrative aspects of Cryptographic Key Management Systems (CKMSs) that existed at the time and what would be required for U.S. Federal use in the future. On the first day, DRAFT NIST Special Publication 800-130 ("A Framework for Designing CKMS") and DRAFT NIST Special Publication 800-152 ("A Profile for U.S. Federal CKMS") were reviewed and comments were solicited from the workshop participants on the DRAFT documents. The second day focused on CKMS capabilities in future security products and services in new U.S. Federal Information Systems. Input from Workshop participants was solicited regarding the utility and feasibility of these capabilities as well as suggestions for other technical capabilities required in future CKMSs.

*NEW!* Summary of the Workshop on Cryptographic Key Management Systems

Webcast

The event was webcast live September 10 and 11. The link to the webcast is no longer available.

Related: Cryptographic Key Management Project

Reference Documentation: Copies of NIST SP 800-130 and NIST SP 800-152 will not be available at the workshop. If you'd like to reference either document while at the workshop, please print a copy to bring along.

Monday, September 10, 2012

9:00am - 9:15am

Welcome and administrative information – Elaine Barker, NIST

9:15am - 10:00am Key Management in Historical PerspectiveWhitfield Diffie
10:00am - 11:15am Review NIST SP 800-130 goals, audience, anticipated benefits and potential impacts; summarize CKMS design requirements and how they can be satisfiedMiles Smid, NIST Guest Researcher
11:15am - 11:35am Break
11:35am - 12:00pm Discussion of NIST SP 800-130, participant recommendations for improving the document, CKMS and domain security policies, CKMS market forcesMiles Smid, NIST Guest Researcher
12:00pm - 12:30pm NIST SP 800-130 to Evaluate Existing SystemsTony Stieber
12:30pm - 1:30pm Lunch
1:30pm - 2:00pm Review the NIST SP 800-152 goals, its intended audience and scope, the differences between the Framework and the Profile, and their anticipated uses – Elaine Barker, NIST
2:00pm - 3:00pm Discuss the draft requirements for NIST SP 800-152 – Elaine Barker, Miles Smid, Dennis Branstad
3:00pm - 3:30pm Break
3:30pm - 5:00pm Discussion of NIST SP 800-152 requirements (continued) – Elaine Barker, Miles Smid, Dennis Branstad

Tuesday, September 11, 2012

Moderator: Bill Newhouse, NIST
9:00am - 9:30am

Welcome and Leap-ahead Inspirational TalkTim Polk, NIST

9:30am - 10:00am Security Policies as a Foundation for Cryptographic Key ManagementDennis Branstad, NIST Guest Researcher
10:00am - 10:30am How to Balance Privacy and Key Management in User AuthenticationAnna Lysyanskaya, Brown University
10:30am - 11:00am Break
11:00am - 11:30am Key Centric Identity and Privilege ManagementPaul Lambert, Marvell
11:30am - 12:00pm Wireless/Mobile ApplicationsLily Chen, NIST
12:00pm - 12:30pm Securely Managing Cryptographic Keys used within a Cloud EnvironmentSarbari Gupta, Electrosoft
12:30pm - 1:30pm Lunch
1:30pm - 2:00pm Random Bit Generation Using SP 800-90Elaine Barker, NIST
2:00pm - 2:30pm Secure Key Storage and True Random Number Generation – An Overview - Rene Struik, Struik Security Consultancy
2:30pm - 3:00pm Designing Key Management with Usability in MindMary Theofanos, NIST
3:00pm - 3:30pm Break
3:30pm - 4:15pm Panel: Cross-Domain Interactions: Scenarios and SolutionsBob Griffin, RSA; John Leiseboer, Quintessence Labs; and Saikat Saha, SafeNet
4:15pm - 4:45pm Key Management Challenges of Derived Credentials and Techniques for Addressing ThemFrancisco Corella, Pomcor
4:45pm - 5:00pm Workshop Wrap-Up - Tim Polk, NIST


Call for Presentations

During the development of SP 800-130 (the Key Management Framework) and SP 800-152 (the Profile document), NIST identified a number of properties as particularly hard problems associated with secure Cryptographic Key Management Systems (CKMS). These problems include:

- Cryptographic
- Agility
- Scalability
- Anonymity
- Unlinkability
- Unobservability
- Usability
- Compromise recovery
- Multi-level security domains
- Negotiating and enforcing domain security policies, including a Policy Language for enabling negotiation and enforcement
- Interaction between domains, each with its own security policies

The second day of the workshop will focus on these and other hard problems. NIST requests the submission of abstracts for presentation about these and other problems associated with key management systems. These submissions should be no longer than two paragraphs in length and should be submitted to kmwquestions [at] nist.gov by August 6th.

Created July 2, 2012, Updated June 22, 2017
Was this page helpful?

AltStyle によって変換されたページ (->オリジナル) /