Cryptography standards

From HandWiki
Short description: Number of standards related to cryptography 
There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis.

Encryption standards

Hash standards

Digital signature standards

Public-key infrastructure (PKI) standards

  • X.509 Public Key Certificates

Wireless Standards

  • Wired Equivalent Privacy (WEP), severely flawed and superseded by WPA
  • Wi-Fi Protected Access (WPA) better than WEP, a 'pre-standard' partial version of 802.11i
  • 802.11i a.k.a. WPA2, uses AES and other improvements on WEP
  • A5/1 and A5/2 cell phone encryption for GSM

U.S. Government Federal Information Processing Standards (FIPS)

  • FIPS PUB 31 Guidelines for Automatic Data Processing Physical Security and Risk Management 1974
  • FIPS PUB 46-3 Data Encryption Standard (DES) 1999
  • FIPS PUB 73 Guidelines for Security of Computer Applications 1980
  • FIPS PUB 74 Guidelines for Implementing and Using the NBS Data Encryption Standard 1981
  • FIPS PUB 81 DES Modes of Operation 1980
  • FIPS PUB 102 Guideline for Computer Security Certification and Accreditation 1983
  • FIPS PUB 112 Password Usage 1985, defines 10 factors to be considered in access control systems that are based on passwords
  • FIPS PUB 113 Computer Data Authentication 1985, specifies a Data Authentication Algorithm (DAA) based on DES, adopted by the Department of Treasury and the banking community to protect electronic fund transfers.
  • FIPS PUB 140-2 Security Requirements for Cryptographic Modules 2001, defines four increasing security levels
  • FIPS PUB 171 Key Management Using ANSI X9.17 (ANSI X9.17-1985) 1992, based on DES
  • FIPS PUB 180-2 Secure Hash Standard (SHS) 2002 defines the SHA family
  • FIPS PUB 181 Automated Password Generator (APG) 1993
  • FIPS PUB 185 Escrowed Encryption Standard (EES) 1994, a key escrow system that provides for decryption of telecommunications when lawfully authorized.
  • FIPS PUB 186-2 Digital Signature Standard (DSS) 2000
  • FIPS PUB 190 Guideline for the Use of Advanced Authentication Technology Alternatives 1994
  • FIPS PUB 191 Guideline for the Analysis of local area network Security 1994
  • FIPS PUB 196 Entity Authentication Using Public Key Cryptography 1997
  • FIPS PUB 197 Advanced Encryption Standard (AES) 2001
  • FIPS PUB 198 The Keyed-Hash Message Authentication Code (HMAC) 2002

Internet Requests for Comments (RFCs)

Below is a non-exhaustive overview of notable cryptography-related RFCs, grouped by topic.

Transport Security
  • RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3 Defines secure web communication (HTTPS), introduces modern cipher suites and removes legacy cryptography.REFERENCE FOR RFC8446 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 5246 The Transport Layer Security Protocol Version 1.2 Predecessor to TLS 1.3, still widely implemented.REFERENCE FOR RFC5246 IS NOT DEFINED YET. You are invited to add it here.
Public-Key Cryptography and Signatures
  • RFC 8017 RSA Cryptography Specifications Defines RSA encryption and signature schemes such as RSA-OAEP and RSASSA-PSS.REFERENCE FOR RFC8017 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 6979 Specifies deterministic generation of the nonce in DSA/ECDSA to avoid catastrophic randomness failures.REFERENCE FOR RFC6979 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 7748 Defines modern elliptic curves X25519 and X448 for Diffie–Hellman key exchange.REFERENCE FOR RFC7748 IS NOT DEFINED YET. You are invited to add it here.
Symmetric Cryptography and MACs
  • RFC 2104 Defines the HMAC construction, widely used with hash functions such as SHA-256.REFERENCE FOR RFC2104 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 5869 A widely used key derivation function used in protocols like TLS 1.3.REFERENCE FOR RFC5869 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 8439 Defines the ChaCha20 stream cipher and Poly1305 MAC AEAD construction used in TLS, SSH, and QUIC.REFERENCE FOR RFC8439 IS NOT DEFINED YET. You are invited to add it here.
Public-Key Infrastructure and Certificates
  • RFC 5280 Defines the Internet profile for X.509 certificates, used by TLS certificate authorities.REFERENCE FOR RFC5280 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 6960 Defines a protocol for checking certificate revocation status.REFERENCE FOR RFC6960 IS NOT DEFINED YET. You are invited to add it here.
Secure Messaging and Data Formats
  • RFC 5652 Defines the message format used for secure email (S/MIME).REFERENCE FOR RFC5652 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 4880 Specifies the OpenPGP encryption and signature format used in tools like GnuPG.REFERENCE FOR RFC4880 IS NOT DEFINED YET. You are invited to add it here.
Network Security (IPsec)
  • RFC 4301 Defines the overall IPsec security architecture.REFERENCE FOR RFC4301 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 4303 Specifies encrypted IP packets for IPsec.REFERENCE FOR RFC4303 IS NOT DEFINED YET. You are invited to add it here.
  • RFC 7296 Defines key exchange and authentication for IPsec VPNs.REFERENCE FOR RFC7296 IS NOT DEFINED YET. You are invited to add it here.

Classified Standards

  • EKMS NSA's Electronic Key Management System
  • FNBDT NSA's secure narrow band voice standard
  • Fortezza encryption based on portable crypto token in PC Card format
  • STE secure telephone
  • STU-III older secure telephone
  • TEMPEST prevents compromising emanations

Other

See also

  • NSA cryptography
  • Topics in cryptography

References



Retrieved from "https://handwiki.org/wiki/index.php?title=Cryptography_standards&oldid=4348330"