Cryptoperiod

From Wikipedia, the free encyclopedia

A cryptoperiod is the time span during which a specific cryptographic key is authorized for use. Common government guidelines range from 1 to 3 years for asymmetric cryptography,[1] and 1 day to 7 days for symmetric cipher traffic keys.[2]

Factors to consider include the strength of the underlying encryption algorithm, key length, the likelihood of compromise through a security breach and the availability of mechanims of revoking keys.

In traditional cryptographic practice, keys were changed at regular intervals, typically at the same time each day. The code word for a key change, in NSA parlance, is HJ or Hotel Juliet in the NATO phonetic alphabet.[3][4]

References

http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_PART3_key-management_Dec2009.pdf

  1. http://www.keylength.com/en/4/
  2. http://www.cse-cst.gc.ca/its-sti/services/crypto-services-crypto/ca-ac-eng.html
  3. "Telecommunications Handbook" (PDF). U.S. Department of State Foreign Affairs. 12 2010. p. 26. Retrieved 5/10/2011. 
  4. http://jproc.ca/crypto/terms.html
  • Conduct Unbecoming, Randy Shilts, Macmillan, 2005, p. 117, describes HJ key change procedure


This article is issued from Wikipedia. The text is available under the Creative Commons Attribution/Share Alike; additional terms may apply for the media files.