Cryptography is a method to protect data through a reversible encryption process, and is a foundational primitive used in many security protocols and services. Strong cryptography is based on industry-tested and accepted algorithms along with key lengths that provide a minimum of 112-bits of effective key strength and proper key-management practices.
Effective key strength can be shorter than the actual ‘bit’ length of the key, which can lead to algorithms with larger keys providing lesser protection than algorithms with smaller actual, but larger effective, key sizes. It is recommended that all new implementations use a minimum of 128-bits of effective key strength.
Examples of industry references on cryptographic algorithms and key lengths include:
- NIST Special Publication 800-57 Part 1,
- BSI TR-02102-1,
- ECRYPT-CSA D5.4 Algorithms, Key Size and Protocols Report (2018), and
- ISO/IEC 18033 Encryption algorithms, and
- ISO/IEC 14888-3:2-81 IT Security techniques – Digital signatures with appendix – Part 3: Discrete logarithm based mechanisms.