Spotlights:

SecretAgent DAS

 

 

  NIST Algorithm Comparisons and Key Size Recommendations

 

Equivalent Algorithm Strengths

Bits of
Security
Symmetric
Cipher
Hash
Alg.
DSA, D-H, MQV
(discrete log systems)
RSA
ECC
80 2TDEA SHA-1
and above		 L=1024
N=160		 k=1024 f=160-223
112 3TDEA SHA-224
and above		 L=2048
N=224		 k=2048 f=224-255
128 AES-128 SHA-256
and above		 L=3072
N=256		 k=3072 f=256-383
192 AES-192 SHA-384
and above		 L=7680
N=384		 k=7680 f=384-511
256 AES-256 SHA-512 L=15360
N=512		 k=15360 f=512+

The hash algorithm requirements listed above apply only to digital signatures and hash-only operations. For HMAC, key derivation, and pseudo-random number generation, the use of SHA-1 and above is allowed up to 128 bits; SHA-224 and above at 192 bits; SHA256 and above at 256 bits. (See NIST SP 800-57.)


Recommended Algorithms and Minimum Key Sizes

Years
Symmetric
Alg.
DSA,
D-H,
MQV
RSA
ECC
Present-2010
(min. 80 bits)		 2TDEA
3TDEA
AES-128
AES-192
AES-256		 Min:
L=1024
N=160		 Min:
k=1024		 Min:
f=160
Through 2030
(min. 112 bits)		 3TDEA
AES-128
AES-192
AES-256 		Min:
L=2048
N=224		 Min:
k=2048		Min:
f=224
Beyond 2030
(min. 128 bits)		 TDES
AES-128
AES-192
AES-256		 Min:
L=3072
N=256		 Min:
k=3072		 Min:
f=256


The data on this page is taken from NIST SP 800-57.
     
           
   
Products | News | Support | Company | Terms of Use | Copyright
© 2004-2007 Information Security Corporation. All rights reserved.