Definition

strong cryptography

Contributor(s): Matthew Haughn

Strong cryptography is secreted and encrypted communication that is well-protected against cryptographic analysis and decryption to ensure it is readable only to intended parties.

Depending on the algorithms, protocols and implementation, a cryptographic system may be vulnerable to analysis, leading to possible cracking of the system. The ideal is an unbreakable system of which there is just one well known example: the one-time pad. The one-time pad is a system in which a randomly generated single-use private key is used to encrypt a message. The message is then decrypted by the receiver using a matching one-time pad and key. The challenge in this system is exchanging pads and keys without allowing them to be compromised.

Strong cryptography is used by most governments to protect communications. While it is increasingly available to the general public, there are still many countries where strong cryptography and encryption are kept from the general public, justified by the need to protect national security.

While the definition of strong cryptography in general may be broad, the The PCI Security Standards Council defines strong cryptography requirements for use in the payment card industry (PCI) specifically:  

“Cryptography based on industry-tested and accepted algorithms, along with strong key lengths (minimum 112-bits of effective key strength) and proper key-management practices. Cryptography is a method to protect data and includes both encryption (which is reversible) and hashing (which is not reversible, or “one way”). At the time of publication, examples of industry-tested and accepted standards and algorithms for minimum encryption strength include AES (128 bits and higher), TDES (minimum triple-length keys), RSA (2048 bits and higher), ECC (160 bits and higher), and ElGamal (2048 bits and higher).”

Demonstrating the strength of a given cryptographic system is a complex affair that requires in-depth consideration. As such, the demonstration is best achieved by a large number of collaborators. Planning tests, sharing and analyzing and reviewing of results are best conducted in a public forum.

This was last updated in June 2015

Continue Reading About strong cryptography

Dig Deeper on PCI Data Security Standard

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

We keep building better walls and they keep building better battering rams. Like Einstein's apocryphal definition of madness, we keep doing the same thing expecting different results. Will we ever learn that it just won't work? At least not for very long.

A bit better and somewhat stronger does us little good. We need a fundamentally different approach if we ever hope to stop the pirates who steal our data. Until then, assume that everything anywhere online, in the cloud, accessible in any which way is vulnerable.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close