Difference between revisions of "List of cryptography functions"

Revision as of 18:30, 18 October 2015

Encryption Quick Reference
Name	Value
Recommended public key algorithms	Curve25519, Ed25519, ECDSA, RSA
Recommended symmetric ciphers	Salsa20, ChaCha20, AES
Recommended minimum key size (symmetric)	128 bits
Preferred minimum key size (symmetric)	256 bits
Recommended minimum key size (RSA)	2048 bits
Preferred minimum key size (RSA)	4096 bits

Encryption Modes
Mode	AKA	Should use?	Notes
Electronic Code Book	ECB	No	Same plaintext yields same ciphertext.
Cipher Block Chaining	CBC	Yes (must use separate authentication)	Cannot be parallelized.
Counter	CTR	Yes (must use separate authentication)	Parallelizable.
Galois Counter Mode	GCM	Recommended wherever possible	Counter mode plus authentication, very efficient.

Symmetric Ciphers
Cipher	Block size (bits)	Key size (bits)	Stream?	Should use?	Estimated Time to Crack	Notes
AES	128	128,192,256		Yes
DES	64	56		No	In 2008 their COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's.
3DES	64	168,112,56		No
Blowfish	64	32-448		Not ideal		This is the primary mode of encryption used in IRC encryption plugins.

Hash functions
Hash	Bits	Broken?	Should use?	Notes
MD5	128	Yes	No	Collisions can be generated at will with desktop computational power.
SHA-1	160	Yes	No	Collision are expensive to generate, but a sufficiently motivated adversary can do it.
SHA-2	224-512	No	Yes	Pseudo-collisions generated with partial SHA-256, no full attacks.
SHA-3 (Keccak)	224-512	No	Yes	Not widely implemented yet.

@@ Line 31: / Line 31: @@
 | Cipher Block Chaining||CBC||Yes (must use separate authentication)||Cannot be parallelized.
 |-
-| Counter||CTR||Yes (must use separate authentication)||
+| Counter||CTR||Yes (must use separate authentication)||Parallelizable.
 |-
 | Galois Counter Mode||GCM||Recommended wherever possible||Counter mode plus authentication, very efficient.