Key Establishment Methods in FIPS 140-2

  • Random Number Generation
  • Key Establishment
  • Key Agreement
  • Key Transport (key encapsulation, key wrapping)
  • Key Generation
  • Key Entry/Output
  • Key Storage
  • Key Zeroization
  • Key Derivation (possibly, from other keys)

Key Management Standards and Specification Development Initiatives

  • ANSI X9 Financial Industry Standards
  • DMTF Security Modeling Working Group
  • GlobalPlatform Key Management System
  • IEEE P1619.3 Security in Storage Working Group (SISWG), Key Management
  • IEEE ICSG Privilege Management Protocols (PMP) Working Group
  • IETF Provisioning of Symmetric Keys (KEYPROV) Working Group
  • ISO/IEC 11770: Key Management
  • KeyGen2: Key Provisioning/Management Standards Proposal
  • National Institute of Standards and Technology (NIST)
  • OASIS Enterprise Key Management Infrastructure (EKMI) Technical Committee
  • OASIS Key Management Interoperability Protocol (KMIP) Technical Committee
  • Sun Crypto Key Management System (KMS)
  • Trusted Computing Group: Infrastructure Work Group and Key Management Services Subgroup
  • W3C XML Key Management (XKMS)

Related: FIPS 140


Keylength - Cryptographic Key Length Recommendation


The Key Management Interoperability Protocol (KMIP) defines the communication between a Key Lifecycle Management System (KLMS) and its clients. Some companies have been working with proprietary implementations of KMIP in different programming languages for a while, but up until now, no open-source solution existed. KMIP4J is an open-source implementation of KMIP 1.0 in Java.


Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.