Scribd
Upload
19 views2 pages

Encryption Standard

Encryption Standard

Uploaded by

Juan Perez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
19 views2 pages

Encryption Standard

Encryption Standard

Uploaded by

Juan Perez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

ENCRYPTION STANDARD

1. INTRODUCTION

1.1 PURPOSE
The purpose of this document is to outline acceptable encryption algorithm standards for use
in supporting the appropriate protection of sensitive information within Company’s
operating environment.

1.2 SCOPE
The scope of this document covers:
 The data encryption schemes and key sizes used when protecting strictly confidential,
sensitive data or other data that has been deemed as requiring encryption.

1.3 RELATED DOCUMENT


 PCA IT Security Policy: Encryption
 PCA Information Classification and Handling Policy

1.4 DOCUMENT REVIEW AND MAINTENANCE


This document will be reviewed and maintained by Regional IT Security.
2 Encryption - Introduction

Encryption is a process whereby information is encoded (usually via a key) to protect it and
decoded using the same or paired key. When then algorithm remains trusted and unbroken,
the difficult in decoding the information without the key, is relative to the key size.

Hence 3 critical activities are necessary to ensure the information is safeguarded:


1. A well-chosen algorithm is selected that is appropriate against the requirement.
2. An appropriate length key size is selected to ensure encrypted data is resistant to a brute
force of the key
3. The implementation must use the algorithm and the key as designed.
(As example: Using public key cryptography without an available random seed creates a
weak easily broken implementation)

This standard provides the list of known trusted algorithms and key sizes that are considered
safe to use now and for the future, existing algorithm such as DES, MD5, SHA-1 are
considered no longer appropriate for new designs.

2.1 Algorithm Selection:


 Public Key Algorithms: RSA, Diffie-Hellman, ElGamal
 Private Key Algorithms: Triple-DES (Data Encryption
Standard), Advanced Encryption Standard (AES), Blowfish,
Twofish, RC4
 Hash Algorithms: SHA-2, SHA-3, RIPEMD-128/256,

2.2 Key Size Requirements:


 Public Key Algorithms: 2048 bit or higher
 Private Key Algorithms: 128 bit or higher
 Hash Algorithms: 128 bit or higher

You might also like