Social:Cryptoperiod

From HandWiki

A cryptoperiod is the time span during which a specific cryptographic key is authorized for use. NIST's guidelines[1] typically recommend a long-term cryptoperiod of 1 - 3 years for asymmetric keys [2] and ≤ 2 years for symmetric keys.[3]

Factors to consider include the strength of the underlying encryption algorithm, key length, the likelihood of compromise through a security breach and the availability of mechanisms of revoking keys.

In traditional cryptographic practice, keys were changed at regular intervals, typically at the same time each day. The code word for a key change, in NSA parlance, is HJ or Hotel Juliet in the NATO phonetic alphabet.[4][5]


NESTOR in Vietnam

During the Vietnam War, the United States issued its forces a series of secure voice encryption equipment code-named NESTOR. According to a U.S. Army history: "To maintain compatibility, key changes had to occur simultaneously in all units. The time chosen for this change was midnight, tactically the worst possible time because the greatest number of enemy contacts occurred from 2200 to 0200. Moreover, where several units shared the same keying device, having to move at night to change key settings was inconvenient and dangerous and added to the reasons for not using the equipment. Later the time of the daily NESTOR key change was moved to 0600."[6]

[7]

References

  • Conduct Unbecoming, Randy Shilts, Macmillan, 2005, p. 117, describes HJ key change procedure