Call for comments: ipd SP 800-133r3 Recommendation for Cryptographic Key Generation

Hamilton Silberg

Apr 17, 2026, 9:54:13 AM
to pqc-forum
Hello all,

The initial public draft (ipd) of NIST SP 800-133r3 (Revision 3), Recommendation for Cryptographic Key Generation, is available for public comment.

Proposed changes in this revision include the following:
- Asymmetric key-pair generation has been expanded to include methods for deriving randomness during key-pair generation.
- Key-pair generation now has options for derivation similar to symmetric keys and new methods for “seed expansion,” which allows for the limited use of SHAKE and deterministic random bit generators (DRBGs).
- Key-encapsulation mechanisms (KEMs) are discussed as a key-establishment option for symmetric key generation, and post-quantum cryptography (PQC) references have been added throughout (e.g., the new PQC signatures).
- Text has been reworded to address random number generation in alignment with SP 800-90C.


Comments are especially requested regarding:
- Hardware security module (HSM) design — How do these requirements align with common practice and existing systems using a root seed/secret value?
- PQC implementations and protocols — How do these requirements fit with storing keys as seeds (e.g., for ML-KEM) and performing hybrid (i.e., combined classical and post-quantum) implementations?

The public comment period will be open through June 16, 2026.
See: https://csrc.nist.gov/pubs/sp/800/133/r3/ipd

Best,
-Hamilton Silberg
NIST PQC