The publishes updated guidelines on cryptographic algorithms usage and key management. This technical document aims to provide guidance to the European banking industry (especially to security officers, risk managers, system engineers and systems designers) in this field.
This document was recently updated to incorporate newsworthy developments in cryptography, such as:
• The publication by the National Institute of Standards and Technology of a final standard for SHA-3.
• As a reaction to the computation of a “freestart collision” (i.e. a collision where the attacker can choose the initialisation vector) for SHA-1, many parties are now migrating away from SHA-1.
• The announcement by the US National Security Agency of preliminary plans to transition to quantum resistant algorithms.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.