{{Short description|Number of standards related to cryptography}} {{More citations needed|date=March 2026}} There are a number of '''standards related to cryptography'''. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis.
==Encryption standards== * Data Encryption Standard (DES, now obsolete) * Advanced Encryption Standard (AES) * RSA the original public key algorithm * OpenPGP
==Hash standards== * MD5 128-bit (obsolete) * SHA-1 160-bit (obsolete) * SHA-2 available in 224, 256, 384, and 512-bit variants * HMAC keyed hash * PBKDF2 Key derivation function (RFC 2898)
==Digital signature standards== * Digital Signature Standard (DSS), based on the Digital Signature Algorithm (DSA) * RSA * Elliptic Curve DSA
==Public-key infrastructure (PKI) standards== * X.509 Public Key Certificates
==Wireless Standards== * Wired Equivalent Privacy (WEP), severely flawed and superseded by WPA * Wi-Fi Protected Access (WPA) better than WEP, a 'pre-standard' partial version of 802.11i * 802.11i a.k.a. WPA2, uses AES and other improvements on WEP * A5/1 and A5/2 cell phone encryption for GSM
==U.S. Government Federal Information Processing Standards (FIPS)==
*FIPS PUB 31 Guidelines for Automatic Data Processing Physical Security and Risk Management 1974 *FIPS PUB 46-3 Data Encryption Standard (DES) 1999 *FIPS PUB 73 Guidelines for Security of Computer Applications 1980 *FIPS PUB 74 Guidelines for Implementing and Using the NBS Data Encryption Standard 1981 *FIPS PUB 81 DES Modes of Operation 1980 *FIPS PUB 102 Guideline for Computer Security Certification and Accreditation 1983 *FIPS PUB 112 Password Usage 1985, defines 10 factors to be considered in access control systems that are based on passwords *FIPS PUB 113 Computer Data Authentication 1985, specifies a Data Authentication Algorithm (DAA) based on DES, adopted by the Department of Treasury and the banking community to protect electronic fund transfers. *FIPS PUB 140-2 Security Requirements for Cryptographic Modules 2001, defines four increasing security levels *FIPS PUB 171 Key Management Using ANSI X9.17 (ANSI X9.17-1985) 1992, based on DES *FIPS PUB 180-2 Secure Hash Standard (SHS) 2002 defines the SHA family *FIPS PUB 181 Automated Password Generator (APG) 1993 *FIPS PUB 185 Escrowed Encryption Standard (EES) 1994, a key escrow system that provides for decryption of telecommunications when lawfully authorized. *FIPS PUB 186-2 Digital Signature Standard (DSS) 2000 *FIPS PUB 190 Guideline for the Use of Advanced Authentication Technology Alternatives 1994 *FIPS PUB 191 Guideline for the Analysis of local area network Security 1994 *FIPS PUB 196 Entity Authentication Using Public Key Cryptography 1997 *FIPS PUB 197 Advanced Encryption Standard (AES) 2001 *FIPS PUB 198 The Keyed-Hash Message Authentication Code (HMAC) 2002
==Internet Requests for Comments (RFCs)== Below is a non-exhaustive overview of notable cryptography-related RFCs, grouped by topic. ; Transport Security : * {{IETF RFC|8446}} The Transport Layer Security (TLS) Protocol Version 1.3 Defines secure web communication (HTTPS), introduces modern cipher suites and removes legacy cryptography.{{Ref RFC|8446}} * {{IETF RFC|5246}} The Transport Layer Security Protocol Version 1.2 Predecessor to TLS 1.3, still widely implemented.{{Ref RFC|5246}} ; Public-Key Cryptography and Signatures : * {{IETF RFC|8017}} RSA Cryptography Specifications Defines RSA encryption and signature schemes such as RSA-OAEP and RSASSA-PSS.{{Ref RFC|8017}} * {{IETF RFC|6979}} Specifies deterministic generation of the nonce in DSA/ECDSA to avoid catastrophic randomness failures.{{Ref RFC|6979}} * {{IETF RFC|7748}} Defines modern elliptic curves X25519 and X448 for Diffie–Hellman key exchange.{{Ref RFC|7748}} ; Symmetric Cryptography and MACs : * {{IETF RFC|2104}} Defines the HMAC construction, widely used with hash functions such as SHA-256.{{Ref RFC|2104}} * {{IETF RFC|5869}} A widely used key derivation function used in protocols like TLS 1.3.{{Ref RFC|5869}} * {{IETF RFC|8439}} Defines the ChaCha20 stream cipher and Poly1305 MAC AEAD construction used in TLS, SSH, and QUIC.{{Ref RFC|8439}} ; Public-Key Infrastructure and Certificates : * {{IETF RFC|5280}} Defines the Internet profile for X.509 certificates, used by TLS certificate authorities.{{Ref RFC|5280}} * {{IETF RFC|6960}} Defines a protocol for checking certificate revocation status.{{Ref RFC|6960}} ; Secure Messaging and Data Formats : * {{IETF RFC|5652}} Defines the message format used for secure email (S/MIME).{{Ref RFC|5652}} * {{IETF RFC|4880}} Specifies the OpenPGP encryption and signature format used in tools like GnuPG.{{Ref RFC|4880}} ; Network Security (IPsec) : * {{IETF RFC|4301}} Defines the overall IPsec security architecture.{{Ref RFC|4301}} * {{IETF RFC|4303}} Specifies encrypted IP packets for IPsec.{{Ref RFC|4303}} * {{IETF RFC|7296}} Defines key exchange and authentication for IPsec VPNs.{{Ref RFC|7296}}
==Classified Standards== * EKMS NSA's Electronic Key Management System * FNBDT NSA's secure narrow band voice standard * Fortezza encryption based on portable crypto token in PC Card format * STE secure telephone * STU-III older secure telephone * TEMPEST prevents compromising emanations
==Other== <!-- to be refined.. --> * IPsec Virtual Private Network (VPN) and more * IEEE P1363 covers most aspects of public-key cryptography * Transport Layer Security (formerly SSL) * SSH secure Telnet and more * Content Scramble System (CSS, the DVD encryption standard, broken by DeCSS) * Kerberos authentication standard * RADIUS authentication standard * ANSI X9.59 electronic payment standard * Common Criteria Trusted operating system standard * CRYPTREC Japanese Government's cryptography recommendations
==See also== * NSA cryptography * Topics in cryptography
==References== {{reflist}}
Category:Cryptography standards Category:Technology-related lists