Security considerations
  • 23 Jan 2025
  • 1 Minute à lire
  • Sombre
  • PDF

Security considerations

  • Sombre
  • PDF

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

As of Authentication Suite Server SDK 4.0.1, software DPX files and software BLOB data can be encrypted using AES with 256-bit keys or 3DES with 112-bit keys.

We strongly recommend to use AES with 256-bit keys for both, software DPX file encryption and software BLOB encryption for the following reasons:

  1. The potential advent of cryptographically-relevant quantum computers (CRQC) enables novel attacks against sensitive data which are not possible with traditional, non-quantum computers. Cryptographically-relevant quantum computers are quantum computers that can run algorithms to break or weaken existing, classical cryptographic algorithms.

    An example of such a novel attack is the 'harvest now, decrypt later' attack, where adversaries collect today’s encrypted data and keep it until they acquire a quantum computer that can decrypt it in the future. To protect data that needs to remain confidential well into the future against such novel attacks, today’s data should already be encrypted with quantum-resistant cryptographic algorithms, such as AES-256.

  2. Standards related to key management recommend the usage of AES to protect data that requires long-term protection, and recommend using keys with a length of at least 128 bits.

  3. The usage of AES-256 does not introduce performance overhead.

Notwithstanding these recommendations, you should perform your own risk and compliance analysis to determine the most appropriate key length in your specific context.

Cet article vous a-t-il été utile ?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle