Guidelines on Cryptographic Algorithms Usage and Key Management

Guidelines on cryptographic algorithms usage and key management
EPC342-08 / Version 10.0 / Produced by PSSG / Date issued: 8 March 2021

This document defines guidelines on cryptographic algorithms usage and key management.

© 2021 Copyright European Payments Council (EPC) AISBL: This document is public and may be copied or otherwise distributed provided attribution is made and the text is not used directly as a source of profit.

www.epc-cep.eu 1 / 75

Guidelines on cryptographic algorithms usage and key management EPC342-08 / 2021 version 10.0 / Date issued: 8 March 2021

Table of Contents

Executive Summary 6
1 Introduction 8
  1.1 Scope of the document 8
  1.2 Document structure 8
  1.3 Recommendations 9
  1.4 Implementation best practices 12
2 Algorithm Taxonomy 14
  2.1 Technical Characteristics 14
    2.1.1 Primitives 14
    2.1.2 Elementary Constructions 16
  2.2 Typical Usage 17
    2.2.1 Confidentiality Protection 18
    2.2.2 Integrity Protection 19
  2.3 Standardisation 19
3 Algorithm Related Design Issues 21
  3.1 Primitives 21
    3.1.1 Unkeyed 21
    3.1.2 Symmetric Key 22
    3.1.3 Asymmetric key 23
    3.1.4 Security levels 28
    3.1.5 Quantum computing considerations 30
    3.1.6 ISO Recommendation for Financial Services 33
  3.2 Constructions 33
    3.2.1 Symmetric Key Encryption 33
    3.2.2 Asymmetric Encryption 35
    3.2.3 Hybrid Encryption 35
    3.2.4 MACs 36
    3.2.5 Digital Signatures 37
    3.2.6 Authenticated Encryption 38
    3.2.7 Distributed ledger technologies 39
  3.3 Domain of Application 42
  3.4 Implementation and interoperability issues 42
    3.4.1 Security protocols 42
    3.4.2 Data formatting issues 44
    3.4.3 Implementation rules 44
    3.4.4 Key management impact on interoperability 45
    3.4.5 Implementation quality and side-channel attacks 45
    3.4.6 Algorithm OIDs 46
4 Key Management Issues 47
  4.1 Symmetric algorithms 47
    4.1.1 Key generation and derivation 47
    4.1.2 Key backup and storage 48
    4.1.3 Key distribution 49
    4.1.4 Key installation 49
    4.1.5 Key usage and key separation 50
    4.1.6 Key deletion 51
    4.1.7 Key cryptoperiod 51
  4.2 Asymmetric algorithms 51
    4.2.1 Key generation 52
    4.2.2 Example of a hybrid key architecture 52
    4.2.3 Key backup and storage 53
    4.2.4 Key distribution 54
    4.2.5 Key agreement and forward secrecy 55
    4.2.6 Public Key installation 55
    4.2.7 Certificate revocation and expiry 55
    4.2.8 Key usage and key separation 56
    4.2.9 Key deletion and archiving 56
    4.2.10 Key crypto period 56
  4.3 Key recovery and key escrow 57
5 Random Numbers 58
6 ANNEX I: Terminology 60
7 ANNEX II: Bibliography 64

List of figures

Figure 1: A technical taxonomy of cryptographic primitives and mechanisms 14
Figure 2: Example of key hierarchy for symmetric keys 48
Figure 3: A hybrid key hierarchy with asymmetric and symmetric keys (for data confidentiality) 53

List of tables

Table 1: Recommendations 12
Table 2: Implementation
