ISO IEC 11770-6-2016 PDF
Name in English:
St ISO IEC 11770-6-2016
Name in Russian:
Ст ISO IEC 11770-6-2016
Original standard ISO IEC 11770-6-2016 in PDF full version. Additional info + preview on request
Full title and description
Information technology — Security techniques — Key management — Part 6: Key derivation. This international standard specifies key derivation functions (KDFs) that take secret information and other (public) parameters as input and output one or more derived secret keys; it defines KDFs based on MAC algorithms and on hash functions.
Abstract
ISO/IEC 11770-6:2016 defines mechanisms for deriving cryptographic keys from secret inputs and optional public parameters. The standard describes constructions and usage considerations for MAC-based and hash-based key derivation functions, including inputs, required parameters and security considerations for producing one or more independent derived keys.
General information
- Status: Published / Confirmed (International Standard).
- Publication date: October 2016 (2016-10; distributors report dates between 5 Oct and 31 Oct 2016).
- Publisher: International Organization for Standardization (ISO) / IEC, in the context of their joint committee JTC 1.
- ICS / categories: 35.030 — IT security (information security, cryptography / key management).
- Edition / version: Edition 1 (2016).
- Number of pages: 23 (official ISO pagination; some national/adopted copies list slightly different page counts due to front matter).
Key bibliographic details above are drawn from the ISO bibliographic entry and major national publishers/distributors.
Scope
Specifies key derivation functions that produce one or more secret keys from secret inputs and optional public parameters. The standard covers both MAC-based and hash-based KDF constructions, parameterisation (salt, context/info, length), and security considerations for producing distinct keys for different purposes. It is intended to be used where key material must be derived securely from existing secrets (e.g., shared secrets, master keys, passwords) while ensuring key separation and appropriate entropy handling.
Key topics and requirements
- Definitions and models for key derivation functions (KDFs).
- MAC-based KDF constructions and usage rules.
- Hash-based KDF constructions and usage rules.
- Input parameters: secret input, salt/nonce, context/info, required output length.
- Security goals: key separation, resistance to key recovery, entropy considerations.
- Guidance on deriving multiple keys from a single secret while avoiding cross-protocol/key reuse issues.
- References to related guidance and standards (e.g., relevant NIST SPs and other ISO/IEC standards used for context and interoperation).
Concepts and requirements summarised from the standard text and bibliographic descriptions.
Typical use and users
Implementers of cryptographic libraries and toolkits, protocol designers, security architects, product engineers embedding secure key management, conformity assessors, and standards bodies. Common uses include deriving session keys from master secrets, generating per-application keys from a single credential, and implementing secure key hierarchy and key separation in protocols and systems.
Related standards
Part of the ISO/IEC 11770 series on key management; related parts include ISO/IEC 11770-1 (framework), ISO/IEC 11770-2 (symmetric mechanisms), ISO/IEC 11770-3 (asymmetric mechanisms) and ISO/IEC 11770-4 (weak secrets). Other related standards and references include ISO/IEC 18031 (random bit generation), ISO/IEC 18033-2 (encryption algorithms), and various national/adopted versions and guidance documents; the text also cross-references established KDF guidance such as NIST recommendations.
Keywords
key derivation, KDF, MAC-based KDF, hash-based KDF, key management, secret key derivation, salt, context, key separation, ISO/IEC 11770, cryptographic primitives.
FAQ
Q: What is this standard?
A: ISO/IEC 11770-6:2016 is an international standard that defines key derivation functions and their correct usage for deriving one or more cryptographic keys from secret inputs.
Q: What does it cover?
A: It covers MAC-based and hash-based key derivation constructions, required input parameters (secret, salt, context/info, output length), security objectives (key separation, entropy management), and guidance for deriving multiple keys from a single secret.
Q: Who typically uses it?
A: Cryptographic library implementers, protocol designers, system and security architects, product teams building secure key management, and evaluators/conformity assessors.
Q: Is it current or superseded?
A: As published by ISO in October 2016, the standard is listed as Published / Confirmed. National bodies have adopted the text (often unchanged), and some national catalogues show reaffirmations or editorial/adoption entries; users should check with their national standards body for any national revisions or advisories.
Q: Is it part of a series?
A: Yes — it is Part 6 of the ISO/IEC 11770 series on key management; other parts address framework and symmetric/asymmetric/weak-secret mechanisms (Parts 1–5 and related documents).
Q: What are the key keywords?
A: Key derivation, KDF, MAC-based KDF, hash-based KDF, key management, key separation, salt/nonce, context/info, derived keys.