IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
S 2.164 Selection of a suitable cryptographic
procedure
Initiation responsibility: IT Security Management
Implementation responsibility: IT Security Management
The selection of a cryptographic procedure is divided into two subsidiary
tasks:
- Selection of the cryptographic algorithm
- Selection of a means of technical implementation
Before users commit themselves to a particular procedure, they should have a
precise conception of their requirements in terms of the confidentiality and
authenticity of the processed data at every point of the information-processing
system.
Selection of cryptographic algorithms
When selecting cryptographic algorithms it is first necessary to clarify which
type of cryptographic procedures are required, in other words symmetrical,
asymmetrical or hybrid procedures, and then to select suitable algorithms, i.e.
those with the requisite mechanism strength.
Encryption techniques
- Symmetrical encryption: The advantages and disadvantages of symmetrical
techniques are described in S 3.23. Suitable algorithms include triple DES,
IDEA and RC 5 for example; in the case of RC 5 the key length should be
at least 80 bits.
- Asymmetrical encryption: The advantages and disadvantages of
asymmetrical techniques are described in S 3.23. Suitable algorithms
include RSA, for example, or encryption techniques based on elliptical
curves (see below for key length).
Authentication techniques
- Authentication of messages
Various techniques can be used for the authentication of messages, such as
a message authentication code (MAC) or a digital signature procedure. It is
advantageous to use a MAC if extremely high throughput rates are required
(or if only low computing capacity is available) and the risk of key
disclosure is very low at both ends. It is advantageous to use a digital
signature procedure if the risk of (signature) key disclosure is considerably
higher at one end than it is at the other; generally it is imperative if nonrepudiation
services are required. It should be noted once again that an
infrastructure of trusted third parties must be in place for a non-repudiation
service.
The best known MAC algorithm is the encryption of a message with DES
or another block encryption technique in CBC or CFB mode. This involves
appending the last encrypted block to the message as the MAC. Variants
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000