NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:
Computer Security Division Documents Guide Click Here to download the "Guide to NIST Information Security Documents."

Updated: August 2009
Posted: December 2009

*NOTE: Categories in the Families, Topic Clusters, and Legal Requirements listings are from the "Guide to NIST Information Security Documents."

Publications

Archived Special Publications (500 & 800 Series)

This page contains a list of withdrawn Special Publications (SPs) that have either been superseded by an updated SP or is no longer being supported and no updated version was released.

Key - The left column (Number) contains the withdrawn SP number. The second column shows the original release date of the SP. The Title column depicts the title of the SP followed by the date the SP was withdrawn and if the SP is superseded, the new document number is listed. To go to the FIPS PUBS, SPs, NIST IRs, and ITL Security Bulletin page go to the link provided in the left menu bar or the drop down menu bar at the top of the page when cursor is placed over "Publications."

Email Patrick O'Reilly if you need to get a copy of an archived publication. Note that some of the 500 series documents are only available in hard copy and can be mailed upon request.

Archived Special Publications
NumberDateTitle
SP 800-135Dec. 2010Recommendation for Existing Application-Specific Key Derivation FunctionsWithdrawn: Dec. 2011
Superceded By: SP 800 135 Rev. 1
SP 800-131Recommendation for the Transitioning of Cryptographic Algorithms and Key SizesWithdrawn: Jan. 2011
Superceded By: SP 800 131 A
SP 800-121Sept 2008Guide to Bluetooth SecurityWithdrawn: June 2012
Superceded By: SP 800 121 Rev. 1
SP 800-107Feb. 2009Recommendation for Applications Using Approved Hash AlgorithmsWithdrawn: Aug. 2012
Superceded By: SP 800 107 Rev. 1
SP 800-90Mar 2007Recommendation for Random Number Generation Using Deterministic Random Bit GeneratorsWithdrawn: Jan. 2012
Superceded By: SP 800 90 A
SP 800-87Mar 2007Codes for the Identification of Federal and Federally Assisted Organizations *
Withdrawn: Apr 2008
Superceded By: SP 800 87 Rev 1
SP 800-85 A-1Mar. 2009PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-2 Compliance)Withdrawn: July 2010
Superceded By: SP 800 85 A-2
SP 800-85 AApr 2006PIV Card Application and Middleware Interface Test Guidelines (SP800-73 compliance) *
Withdrawn: Apr. 2009
Superceded By: SP 800 85 A-1
SP 800-81May 2006Secure Domain Name System (DNS) Deployment GuideWithdrawn: Aug. 2010
Superceded By: SP 800 81 Rev. 1
SP 800-79Jul 2005Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations *
Withdrawn: June 2008
Superceded By: SP 800 79 -1
SP 800-78 -2Feb. 2010Cryptographic Algorithms and Key Sizes for Personal Identification Verification (PIV)Withdrawn: Dec. 2010
Superceded By: SP 800 78 -3
SP 800-78Apr 2005Cryptographic Algorithms and Key Sizes for Personal Identity Verification *
Withdrawn: Aug 2007
Superceded By: SP 800 78 -2
SP 800-76Feb 2006Biometric Data Specification for Personal Identity Verification *
Withdrawn: Jan 2006
Superceded By: SP 800 76 -1
SP 800-73 -2Sept. 2008Interfaces for Personal Identity Verification (4 parts):
1- End-Point PIV Card Application Namespace, Data Model and Representation
2- End-Point PIV Card Application Interface
3- End-Point PIV Client Application Programming Interface
4- The PIV Transitional Data Model and InterfacesWithdrawn: Feb. 2010
Superceded By: SP 800 73 -3
SP 800-73 -1Mar 2006Interfaces for Personal Identity Verification *
Withdrawn: Sept 2008
Superceded By: SP 800 73 -3
SP 800-73Apr 2005Interfaces for Personal Identity Verification *
Withdrawn: Mar 2006
Superceded By: SP 800 73 -3
SP 800-70 Rev. 1Sept. 2009National Checklist Program for IT Products--Guidelines for Checklist Users and DevelopersWithdrawn: Feb. 2011
Superceded By: SP 800 70 Rev. 2
SP 800-70May 2005Security Configuration Checklists Program for IT Products: Guidance for Checklists Users and DeveloperWithdrawn: Sept. 2009
Superceded By: SP 800 70 Rev. 2
SP 800-68Oct 2005Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist *
Withdrawn: October 2008
Superceded By: SP 800 68 Rev. 1
SP 800-67May 2008Recommendation for the Triple Data Encryption Algorithm (TDEA) Block CipherWithdrawn: January 2012
Superceded By: SP 800 67 Rev. 1
SP 800-66Mar 2005An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule *
Withdrawn: Oct 2008
Superceded By: SP 800 66 Rev 1
SP 800-64 Rev.1Jun 2004Security Considerations in the Information System Development Life Cycle *
Withdrawn: Oct 2008
Superceded By: SP 800 64 Rev. 2
SP 800-64Oct 2003Security Considerations in the Information System Development Life Cycle *
Withdrawn: Jun 2004
Superceded By: SP 800 64 Rev.1
SP 800-61 Rev. 1Mar 2008Computer Security Incident Handling GuideWithdrawn: Aug. 2012
Superceded By: SP 800 61 Rev. 2
SP 800-61 -1Aug 2007 Cryptographic Algorithms and Key Sizes for Personal Identity Verification *
Withdrawn: Feb. 2010
Superceded By: SP 800 78 -2
SP 800-61Jan 2004Computer Security Incident Handling Guide *
Withdrawn: March 2008
Superceded By: SP 800 61 Rev. 1
SP 800-60Jun 2004Guide for Mapping Types of Information and Information Systems to Security Categories *
Withdrawn: August 2008
Superceded By: SP 800 60 Rev. 1
SP 800-55Jul 2003Security Metrics Guide for Information Technology Systems *
Withdrawn: July 2008
Superceded By: SP 800 55 Rev. 1
SP 800-53 Rev. 1Dec 2006Recommended Security Controls for Federal Information SystemsWithdrawn: July 2009
Superceded By: SP 800 53 Rev. 2
SP 800-53Feb 2005Recommended Security Controls for Federal Information Systems *
Withdrawn: Dec 2006
Superceded By: SP 800 53 Rev. 1
SP 800-53 Rev. 2Dec 2007Recommended Security Controls for Federal Information SystemsWithdrawn: Dec. 2010
Superceded By: SP 800 53 Rev. 3
SP 800-53 AJul 2008Guide for Assessing the Security Controls in Federal Information SystemsWithdrawn: June 2011
Superceded By: SP 800 53 A Rev. 1
SP 800-51Sep 2002Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming SchemeWithdrawn: Feb. 2011
Superceded By: SP 800 51 Rev. 1
SP 800-48Nov 2002Wireless Network Security: 802.11, Bluetooth, and Handheld Devices *
Withdrawn: July 2008
Superceded By: SP 800 48 Rev. 1
SP 800-46Aug 2002Security for Telecommuting and Broadband CommunicationsWithdrawn: June 2009
Superceded By: SP 800 46 Rev. 1
SP 800-45Sep 2002Guidelines on Electronic Mail Security *
Withdrawn: Feb 2007
Superceded By: SP 800 45 Version 2
SP 800-44Sep 2002Guidelines on Securing Public Web Servers *
Withdrawn: Sep 2007
Superceded By: SP 800 44 Version 2
SP 800-42Oct 2003Guideline on Network Security Testing *
Withdrawn: Sept 2008
Superceded By: SP 800 115
SP 800-41Jan 2002Guidelines on Firewalls and Firewall PolicyWithdrawn: Sept. 2009
Superceded By: SP 800 41 Rev. 1
SP 800-40Aug 2002Creating a Patch and Vulnerability Management Program *
Withdrawn: Nov 2005
Superceded By: SP 800 40 Version 2.0
SP 800-37May 2004Guide for the Security Certification and Accreditation of Federal Information SystemsWithdrawn: Feb. 2010
Superceded By: SP 800 37 Rev. 1
SP 800-34Jun 2002Contingency Planning Guide for Information Technology SystemsWithdrawn: May 2010
Superceded By: SP 800 34 Rev. 1
SP 800-31Aug 2001Intrusion Detection Systems *
Withdrawn: February 2007
Superceded By: SP 800 94
SP 800-30Jul 2002Risk Management Guide for Information Technology SystemsWithdrawn: Sept. 2012
Superceded By: SP 800 30 Rev. 1
SP 800-28Oct 2001Guidelines on Active Content and Mobile Code *
Withdrawn: March 2008
Superceded By: SP 800 28 Version 2
SP 800-28Oct 2001Guidelines on Active Content and Mobile Code *
Withdrawn: Mar 2008
Superceded By: SP 800 28 Version 2
SP 800-27Jun 2001Engineering Principles for Information Technology Security (A Baseline for Achieving Security) *
Withdrawn: Jun 2004
Superceded By: SP 800 27 Rev. A
SP 800-26 Rev.1Apr 2005Guide for Information Technology Security Assessments and System Reporting Form *
Withdrawn: Feb. 2007
Superceded By: FIPS 200, SP 800-53, SP 800-53A
SP 800-26Nov 2001Security Self-Assessment Guide for Information Technology Systems *
Withdrawn: Feb. 2007
Superceded By: FIPS 200, SP 800-53, SP 800-53A
SP 800-22May 2001A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications *
Withdrawn: Aug. 2008
Superceded By: SP 800 22 Rev. 1
SP 800-21Nov 1999Guideline for Implementing Cryptography in the Federal Government *
Withdrawn: Dec 2005
Superceded By: SP 800 21 2nd edition
SP 800-18Dec 1998Guide for Developing Security Plans for Federal Information Systems *
Withdrawn: Feb 2006
Superceded By: SP 800 18 Rev.1
SP 800-11February 1995The Impact of the FCC's Open Network Architecture on NS/EP Telecommunications Security *
SP 800-10December 1994Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls *
SP 800-9December 1993Good Security Practices for Electronic Commerce, Including Electronic Data Interchange *
SP 800-8August 1993Security Issues in the Database Language SQL *
SP 800-7July 1994Security in Open Systems *
SP 800-6December 1992Automated Tools for Testing Computer System Vulnerability *
SP 800-5December 1992A Guide to the Selection of Anti-Virus Tools and Techniques *
SP 800-4March 1992Computer Security Considerations in Federal Procurements: A Guide for Procurement Initiatiors, Contracting Officers, and Computer Security *
Withdrawn: October 2003
Superceded By: SP 800-64 Security Considerations in the Information System Development Life Cycle
SP 800-3November 1991Establishing a Computer Security Incident Response Capability (CSIRC) *
Withdrawn: January 2004
Superceded By: SP 800 61 Computer Security Incident Handling Guide
SP 800-2April 1991Public-Key Cryptography *
SP 500 189September 1991Security in ISDN *
SP 500 174October 1989Guide for Selecting Automated Risk Analysis Tools *
SP 500 172November 1989Computer Security Training Guidelines *
Withdrawn: April 1998
Superceded By: SP 800 16 Information Technology Security Training Requirements: A Role- and Performance- Based Model
SP 500 1711989Computer Users' Guide to the Protection of Information Resources *
SP 500 1701989Management Guide to the Protection of Information Resources *
SP 500 1691989Executive Guide to the Protection of Information Resources *
SP 500 166August 1989Computer Viruses and Related Threats: A Management Guide *
SP 500 158August 1988Accuracy, Integrity, and Security in Computerized Vote-Tallying *
sP 500 157September 1988Smart Card Technology: New Methods for Computer Access Control *
SP 500 156May 1988Message Authentication Code (MAC) Validation System: Requirements and Procedures *
SP 500 153April 1988Guide to Auditing for Controls and Security: A System Development Life Cycle Approach *
SP 500 134November 1985Guide on Selecting ADP Backup Process Alternatives *
SP 500 133October 1985Technology Assessment: Methods for Measuring the Level of Computer Security *
SP 500 120January 1985Security of Personal Computer Systems - A Management Guide *
SP 500 61August 1980Maintenance Testing for the Data Encryption Standard *
Back to Top