Cryptographic Algorithms Recommendations

Cryptographic algorithms have been around for a long time and are used in more applications every day. The presence of a cryptographic function within a system gives users and operators a sense of increased security and privacy. That is justified in some cases, but it is not a valid assumption for every cryptographic algorithm. Like all other technical security measures, cryptographic algorithms age: they get broken, and sometimes they simply cannot keep up with advances in computing power. Not every cryptographic algorithm is a secure one, and even for the ones considered secure, not every mode of operation is secure by default.

On this page we present a set of recommendations covering various popular cryptographic algorithms and their modes of operation. These recommendations are based on current best practice and will be updated as needed.

This document does not go into detail about the individual cryptographic algorithms, the basic concepts of cryptography or other related topics. If you need to learn more about those, the links at the end of this page are a starting point. The rest of this document assumes the reader understands the terms used and is aware of the implementation details of the various algorithms.

| Algorithm | Operation | Recommendation | Alternative |
|---|---|---|---|
| DES | Encryption | Avoid | AES |
| 3DES | Encryption | Avoid | AES |
| RC4 | Encryption | Avoid | AES |
| SKIPJACK | Encryption | Avoid | AES |
| CAST-128, CAST-256 | Encryption | Acceptable | AES |
| AES-CBC mode | Encryption | Acceptable | AES-GCM |
| AES-GCM mode | Authenticated encryption | Acceptable | --- |
| DH-768, DH-1024 / RSA-768, RSA-1024 / DSA-768, DSA-1024 | Key exchange / Encryption / Authentication | Avoid | DH-3072 (Group 15) / RSA-3072 / DSA-3072 |
| DH-2048 / RSA-2048 / DSA-2048 | Key exchange / Encryption / Authentication | Acceptable | ECDH-256 / ECDSA-256 |
| DH-3072 / RSA-3072 / DSA-3072 | Key exchange / Encryption / Authentication | Acceptable | ECDH-256 / ECDSA-256 |
| MD5 | Hashing | Avoid | SHA-256 |
| SHA-1 | Hashing | Legacy | SHA-256 |
| SHA-256, SHA-384, SHA-512 | Hashing | Acceptable | SHA-384 |
| HMAC-MD5 | Message Authentication Codes | Legacy | HMAC-SHA-256 |
| HMAC-SHA-1 | Message Authentication Codes | Acceptable | HMAC-SHA-256 |
| HMAC-SHA-256 | Message Authentication Codes | Acceptable | |
| ECDH-256 / ECDSA-256 | Key exchange / Authentication | Acceptable | ECDH-384 / ECDSA-384 |
| ECDH-384 / ECDSA-384 | Key exchange / Authentication | Acceptable | |
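The AES rows above are the clearest illustration of "not every mode is secure by default": AES-CBC is still acceptable for confidentiality, but the recommended alternative is AES-GCM because GCM also authenticates the ciphertext. The following Go program is an added example, not code from the original page, written to show the practical difference with the standard library only. It encrypts a constructed demo message under a constructed demo key with both modes, flips a single bit in each ciphertext (standing in for corruption or modification in transit), and then decrypts. CBC returns altered plaintext without any error, while GCM refuses to return anything. The key, message and the `Probe` helper are assumptions made for this example; the demo message is exactly two AES blocks long so the CBC path can omit PKCS#7 padding, which real CBC code must handle.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Constructed demo values (not from the page): a 32-byte AES-256 key and a
// message of exactly two AES blocks. Real keys come from a CSPRNG or a KDF.
var demoKey = []byte("0123456789abcdef0123456789abcdef")
var demoMsg = []byte("transfer=100.00;to=alice;memo=ok")

// cbcEncrypt returns iv||ciphertext; msg must be a whole number of blocks.
func cbcEncrypt(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	out := make([]byte, len(msg))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, msg)
	return append(iv, out...), nil
}

// cbcDecrypt cannot tell a modified ciphertext from a genuine one.
func cbcDecrypt(key, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(data) < 2*aes.BlockSize || len(data)%aes.BlockSize != 0 {
		return nil, errors.New("bad ciphertext length")
	}
	iv, ct := data[:aes.BlockSize], data[aes.BlockSize:]
	out := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, ct)
	return out, nil
}

// newGCM wraps AES in GCM, the authenticated mode the table recommends.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmEncrypt returns nonce||ciphertext||tag; the tag covers the ciphertext.
func gcmEncrypt(key, msg []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, msg, nil), nil
}

// gcmDecrypt checks the tag and returns an error, not plaintext, if anything changed.
func gcmDecrypt(key, data []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(data) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("short ciphertext")
	}
	nonce, ct := data[:aead.NonceSize()], data[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

// flipBit returns a copy of data with one bit changed at offset.
func flipBit(data []byte, offset int) []byte {
	out := append([]byte{}, data...)
	out[offset] ^= 0x01
	return out
}

// Probe encrypts demoMsg, flips one bit just past the IV/nonce and decrypts.
// rejected: decryption errored; altered: it succeeded but the plaintext differs.
func Probe(enc, dec func(key, data []byte) ([]byte, error)) (rejected, altered bool, err error) {
	ct, err := enc(demoKey, demoMsg)
	if err != nil {
		return false, false, err
	}
	pt, err := dec(demoKey, flipBit(ct, aes.BlockSize))
	if err != nil {
		return true, false, nil
	}
	return false, !bytes.Equal(pt, demoMsg), nil
}
```

`Probe(cbcEncrypt, cbcDecrypt)` reports `rejected=false, altered=true`: the caller gets back a plaintext that is not what was encrypted and has no signal that anything went wrong. `Probe(gcmEncrypt, gcmDecrypt)` reports `rejected=true`, because `Open` verifies the tag before releasing any plaintext. This is why the table lists AES-GCM as the alternative to AES-CBC; where CBC must be kept, it needs a separate MAC (for example HMAC-SHA-256 from the table) over the IV and ciphertext, verified before decryption.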


Resources

1. Secure Hash Standard (SHS)
2. Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
3. Recommendation for Block Cipher Modes of Operation
4. Lifetimes of cryptographic hash functions
5. Cryptographic Key Length Recommendation
6. Comparative Study Of AES, Blowfish, CAST-128 And DES Encryption Algorithm
7. Next Generation Encryption | Cisco