Minimum cryptography recommendations from various countries?
December 27, 2010 2:30 PM   Subscribe

I recently read that the US government considers AES suitable for classified information. Do other countries publish similar recommendations?

While searching for information about a bug in Excel 2007, I came across a post which says that the NSA approves the use of AES for classified information.

I wasn't aware that they'd recommended AES for this purpose, but I verified on the NSA site that they consider AES with 128-bit keys suitable for secret information and 256-bit AES sufficient for the top secret level.

Do other countries publish similar guidelines about algorithms and key sizes they consider acceptable for various classification levels?
posted by tomwheeler to Computers & Internet (6 answers total)
Best answer: Canada does.
posted by Monday, stony Monday at 3:36 PM on December 27, 2010

Best answer: The Australian DSD recommendations are on page 205 of this PDF and include AES-{128,192,256} (non-ECB) and 3DES for symmetric ciphers.
posted by Rhomboid at 4:19 PM on December 27, 2010

This actually isn't surprising: one of the NSA's historic missions is the security of government communications, and specifying encryption standards would presumably be part of that function.
posted by chengjih at 4:19 PM on December 27, 2010

Yeah, AES stands for "Advanced Encryption Standard" and it's the standard because the US government called it so. Prior to it winning the standards competition it was called "Rijndael".
posted by mendel at 7:31 PM on December 27, 2010

Yes, AES is an international standard encryption algorithm, secure for essentially all purposes, dependent on key length. It's considered the current "gold standard" encryption algorithm, replacing DES. It is completely open and was evaluated in a transparent, international forum. If someone has a way of subverting AES that works before the heat death of the universe, they're playing ball at a couple of order-of-magnitude or three level above everyone else on the planet.

Not to put to fine a point on it, 128-bit AES is "computes really fast, practically unbreakable in the near future". 256-bit AES is "computes relatively fast, is for all practical purposes unbreakable assuming our current understanding of computation is true."
posted by kjs3 at 10:34 PM on December 27, 2010

Response by poster: Yes, I know about the NSA and its mission. I just didn't know they began recommending it for classified information (which they seem to have done just last year, several years after Rijndael was chosen for AES). Since my question was about the recommendation of other countries, I am marking the links about Canada and Australia as best answers.
posted by tomwheeler at 10:59 PM on December 27, 2010

« Older Will the snow leopard upgrade work on my tiger...   |   Where to go and what to expect for laptop repair? Newer »
This thread is closed to new comments.