Guidelines on cryptographic algorithms usage and key management

The purpose of this document is to provide guidance to the European banking industry in the field of cryptographic algorithms and related key management issues.

Its targeted audience are security officers, risk managers, system engineers and systems designers. Although its content does not assume expertise in cryptology, it contains some sections which require a basic mathematical background.

This document was updated to reflect newsworthy developments in cryptography, including the impacts of the latest progress in cryptanalysis (e.g. on public key cryptography, message authentication codes and hash functions).

Also the section on quantum computing considerations has been updated and a new section on distributed ledger technology related to blockchain has been added, including background information on this new technology.

In view of these, the section with the recommendations and best practices was also revised and additional references were included to further parts in the document for readers requiring more background and detail.

Also the list of references was updated since the last publication of the document in December 2016.

Document download