PRICES include / exclude VAT
Sponsored link
immediate downloadReleased: 2010-08-31
PD ISO/TR 14742:2010 Financial services. Recommendations on cryptographic algorithms and their use

PD ISO/TR 14742:2010

Financial services. Recommendations on cryptographic algorithms and their use

Format
Availability
Price and currency
English Secure PDF
Immediate download
292.80 EUR
You can read the standard for 1 hour. More information in the category: E-reading
Reading the standard
for 1 hour
29.28 EUR
You can read the standard for 24 hours. More information in the category: E-reading
Reading the standard
for 24 hours
87.84 EUR
English Hardcopy
In stock
292.80 EUR
Standard number:PD ISO/TR 14742:2010
Pages:42
Released:2010-08-31
ISBN:978 0 580 70766 7
Status:Standard
DESCRIPTION

PD ISO/TR 14742:2010


This standard PD ISO/TR 14742:2010 Financial services. Recommendations on cryptographic algorithms and their use is classified in these ICS categories:
  • 03.060 Finances. Banking. Monetary systems. Insurance
  • 35.240.40 IT applications in banking

This Technical Report provides a list of recommended cryptographic algorithms for use within applicable financial services standards prepared by ISO/TC 68. It also provides strategic guidance on key lengths and associated parameters and usage dates.

The focus is on algorithms rather than protocols, and protocols are in general not included in this Technical Report. However, in some cases, for example for some key agreement and some authentication protocols, there is no “underlying” algorithm, and in a sense it is the protocol that constitutes the algorithm. In this case, the mechanisms are included, in particular where they have security parameters that can be adjusted for higher or lower security.

Algorithmic vulnerabilities or cryptographic keys of inadequate lengths are less often the cause of security compromises in the financial industry than are inadequate key management or other procedural flaws, or mistakes in the implementation of cryptographic algorithms or the protocols that use them. However, compromises caused by algorithmic vulnerabilities are more systemic and harder to recover from than other kinds of compromises.

This Technical Report deals primarily with recommendations regarding algorithms and key lengths.

NOTE Key management is covered in ISO 11568-1, ISO 11568-2 and ISO 11568-4.

The categories of algorithms covered in this Technical Report are:

  • block ciphers;

  • stream ciphers;

  • hash functions;

  • message authentication codes (MACs);

  • asymmetric algorithms:

    • digital signature schemes giving message recovery,

    • digital signatures with appendix,

    • asymmetric ciphers;

  • authentication mechanisms;

  • key establishment and agreement mechanisms;

  • key transport mechanisms.

This Technical Report does not define any cryptographic algorithms; however, the standards to which this Technical Report refers may contain necessary implementation information as well as more detailed guidance regarding choice of security parameters, security analysis, and other implementation considerations.