Skip to Content
GuidelinesCryptography

Cryptography Guidelines

Information

Cryptographic methods used shall be checked about once a year to make sure they are effective.

For guideline we consult NIST 800-57 and 800-175B (guideline for gov)

  • For hashing we use at least SHA-256
  • For asymmetric encryption we use at least 2048-bit RSA
  • For symmetric encryption we use at least 256-bit AES (CBC with integrity control or GCM)
  • For digital signatures we use RSA
  • For transport security we use TLS 1.2 as a minimum.
  • For key derivation functions (KDF) and password hashes we use algorithms Argon2, PBKDF2 and bcrypt. New systems should use the Argon2 algorithm. For current iteration rounds consult OWASP 

We are currently monitoring post-quantum cryptography work of NIST, and wait for the guidelines for further evaluations.

Last updated on