[Ach] Network Operations Division Cryptographic Requirements

Hanno Böck hanno at hboeck.de
Wed Mar 8 02:33:32 CET 2017

On Tue, 7 Mar 2017 15:11:03 +0000
Aaron Zauner <azet at azet.org> wrote:

> For review:
> https://wikileaks.org/ciav7p1/cms/files/NOD%20Cryptographic%20Requirements%20v1.1%20TOP%20SECRET.pdf

The document contains a lot of outdated advice.


"(S//NF) Confidentiality must be provided by AES, Serpent, Twofish,
Blowfish, 3DES, or RC4 with a minimum key size of 128 bits. Block
ciphers must be operated in Galois/Counter Mode (GCM), Counter Mode
(CTR), or Cipher Block Chaining Mode (CBC). If RC4 is used, at least
the first 1024 
bytes of the cryptostream must be discarded and may not be used."

Hanno Böck

mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20170308/8a44fa9e/attachment.sig>

More information about the Ach mailing list