ISO/TR TECHNICAL REPORT 14742 First edition 2010-07-01 Financial services Recommendations on cryptographic algorithms and their use Services financiers Recommandations sur les algorithmes cryptographiques et leurutilisation Reference number ISO/TR 14742:2010(E) @ ISO 2010 py IHS under Not for Resale ISO/TR 14742:2010(E) PDFdisclaimer This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The IsO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by IsO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below COPYRIGHT PROTECTED DOCUMENT ISO2010 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, ISsO's member body in the country of the requester. ISO copyright office Case postale 56 : CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail [email protected] Web www.iso.org Published in Switzerland ISO2010-All rights reserved T by IHS unde I without license from IHS Not for Resale ISO/TR14742:2010(E) Contents Page Foreword .iv Introduction 1 Scope 2 Measuring bits of security.. 3 Algorithmmigration 4 Blockciphers 4.1 General 4.2 Keying options. 4.3 Recommended block ciphers 4.4 Blocksizeandkeyuse. 4.5 Modes of operation .... 4.6 Enciphering small plaintexts. 4.7 Migrating from TDEA to AES. 5 Stream ciphers.. 6 Hash functions... 6.1 Hash functions and their properties. 6.2 Hash functions based on block ciphers 6.3 Dedicated hash functions... 6.4 Hashfunctionsusingmodulararithmetic.. 10 6.5 Migrating from one hash function to another... 10 7 Message authentication codes .. 7.1 RecommendedMACalgorithms 7.2 MAc algorithms based on block ciphers... 7.3 MAC algorithms based on hash functions . 7.4 Length of the MAC... 7.5 Message span of the key ..... 12 8 Asymmetric algorithms.. 12 8.1 General ........ 8.2 Factorization-based security mechanisms. 14 8.3 Integer discrete logarithm-based security mechanisms. 14 8.4 Elliptic curve discrete logarithm-based security mechanisms 8.5 Algorithmorkeyexpiry. 15 8.6 Digital signature schemes giving message recovery.. 15 8.7 Digital signatures with appendix .. 16 8.8 Asymmetric ciphers ... 9 Random number generation. Annex A (informative) Entity authentication and key management mechanisms ....... Bibliography. CopyrightInenationalOganzaSadardizaoghsreserved ii ted without licensefrom IHS Not for Resale