Scribd
Upload
189 views3 pages

Critical Thinking Assignment 4-2 Critical Thinking Assignment 4-2

The document discusses recommended crypto-periods (maximum time before replacing cryptographic keys) for hash, symmetric, and asymmetric algorithms. It provides a table with the average recommended times from multiple sources: 1.8 years for hash, 2 years for symmetric, and 2.7 years for asymmetric algorithms. While guidelines suggest longer periods may be used, the author recommends the shortest times due to risks associated with longer cryptoperiods.

Uploaded by

Cristhian Chahuayo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
189 views3 pages

Critical Thinking Assignment 4-2 Critical Thinking Assignment 4-2

The document discusses recommended crypto-periods (maximum time before replacing cryptographic keys) for hash, symmetric, and asymmetric algorithms. It provides a table with the average recommended times from multiple sources: 1.8 years for hash, 2 years for symmetric, and 2.7 years for asymmetric algorithms. While guidelines suggest longer periods may be used, the author recommends the shortest times due to risks associated with longer cryptoperiods.

Uploaded by

Cristhian Chahuayo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

lOMoARcPSD|5111856

Critical Thinking Assignment 4-2

Applications in Information Security (State College of Florida, Manatee-Sarasota)

StuDocu no está patrocinado ni avalado por ningún colegio o universidad.


Descargado por henry lazo ([email protected])
lOMoARcPSD|5111856

Critical Thinking 4-2: Recommended Crypto-periods

How long should a key be used before it is replaced? Search the Internet
for information regarding crypto-periods for hash, symmetric, and asymmet-
ric algorithms. Find at least three sources for each of the algorithms. Draw a
table that lists the algorithms and the recommended time, and then calculate
the average for each. Do you agree or disagree? What would be your recom-
mendation on crypto-periods for each? Why?

Algorithm Max Time Average Sources

Hash 2yrs 1.8yrs https://web.ar-


chive.org/web/
1.5yrs 20110617055733/
http://www.cse-
2yrs cst.gc.ca/its-sti/ser-
vices/crypto-ser-
vices-crypto/ca-ac-
eng.html
https://infos-
cience.epfl.ch/record/
164539/files/NPDF-
32.pdf
https://info.-
townsendsecurity.-
com/definitive-guide-
to-encryption-key-
management-funda-
mentals
Symmetric 2yrs 2yrs https://nvlpubs.nist.-
gov/nistpubs/Spe-
2yrs cialPublications/
NIST.SP.800-
2yrs 57pt1r4.pdf

https://
www.keylength.com/
en/4/
https://csrc.nist.gov/
Projects/Key-Manage-
ment

Descargado por henry lazo ([email protected])


lOMoARcPSD|5111856

Algorithm Max Time Average Sources


Asymetric 3yrs 2.7yrs https://securityncom-
pliance.wordpress.-
3yrs com/2014/04/19/
cryptographic-keys-
2yrs and-their-cryptope-
riod-nist-recommen-
dations-2012/
https://nvlpubs.nist.-
gov/nistpubs/Spe-
cialPublications/
NIST.SP.800-
57pt1r4.pdf
https://www.gronau-
it-cloud-comput-
ing.de/en/crypto-
graphic-key-length-
recommendation-
from-organizations/

The cryptoperiods suggested are only rough guidelines; longer or shorter cryptope-
riods may be warranted, depending on the application and environment in which
the keys will be used. However, when assigning a longer cryptoperiod than that
suggested below, serious consideration should be given to the risks associated with
doing so. Shorter is always better even though it might not be easier to apply. I
would recommend the shortest time for each cryptoperiod because of the risks as-
sociated with longer periods.

Descargado por henry lazo ([email protected])

You might also like