Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "List of cryptography functions"
From NetSec
Line 127: | Line 127: | ||
| align="center" style="background:#f0f0f0;"|'''Slow?''' | | align="center" style="background:#f0f0f0;"|'''Slow?''' | ||
| align="center" style="background:#f0f0f0;"|'''Notes''' | | align="center" style="background:#f0f0f0;"|'''Notes''' | ||
− | | - | + | |- |
− | | | + | | Bcrypt||Yes||No||Yes|| |
− | | - | + | |- |
− | | | + | | Scrypt||Yes||No||Yes|| |
− | | - | + | |- |
| PBKDF2||Yes||No||Yes|| | | PBKDF2||Yes||No||Yes|| | ||
− | | - | + | |- |
| HKDF||No||Yes||No|| | | HKDF||No||Yes||No|| | ||
− | | - | + | |- |
| | | | ||
|} | |} |
Revision as of 20:07, 18 October 2015
Name | Value |
Recommended public key algorithms | Curve25519, Ed25519, ECDSA, RSA |
Recommended symmetric ciphers | Salsa20, ChaCha20, AES |
Recommended minimum key size (symmetric) | 128 bits |
Preferred minimum key size (symmetric) | 256 bits |
Recommended minimum key size (RSA) | 2048 bits |
Preferred minimum key size (RSA) | 4096 bits |
Mode | AKA | Should use? | Authenticated? | Encryption parallelizable? | Decryption parallelizable? | Random read? | Notes |
Electronic Code Book | ECB | No | No | Yes | Yes | Yes | Same plaintext yields same ciphertext. |
Cipher Feedback | CFB | Yes | No | No | Yes | Yes | |
Output Feedback | OFB | Yes | No | No | No | No | |
Cipher Block Chaining | CBC | Yes | No | No | Yes | Yes | |
Counter | CTR | Yes | No | Yes | Yes | Yes | |
Galois Counter Mode | GCM | Recommended | Yes | Yes | Yes | No | Counter mode plus authentication, very efficient. |
Cipher | Block size (bits) | Key size (bits) | Stream? | Should use? | Estimated Time to Crack | Notes | |
AES | 128 | 128,192,256 | Yes | ||||
DES | 64 | 56 | No | In 2008 their COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's. | |||
3DES | 64 | 168,112,56 | No | ||||
Blowfish | 64 | 32-448 | Not ideal | This is the primary mode of encryption used in IRC encryption plugins. | |||
ChaCha20 | 256 | Yes | Yes | ||||
Salsa20 | 256 | Yes | Yes | ||||
RC4 | 40-2048 | Yes | No | ||||
Cipher | ECC? | Signing | Encryption | DH Key exchange | Should use? | Minimum key size | Recommended key size | Notes |
RSA | No | Yes | Yes | Yes | Yes | 2048 | 4096 | |
DSA | No | Yes | Yes | No | No | 2048 | 4096 | |
ElGamal | No | Yes | Yes | No | Yes | 2048 | 4096 | |
ECDSA | Yes | Yes | Yes | Yes | Yes | 256 | 384 | |
ECDH | Yes | No | No | Yes | Yes | 256 | 384 | |
Ed25519 | Yes | Yes | No | Yes | Recommended | 512 | 512 | |
Curve25519 | Yes | No | No | Yes | Recommended | 256 | 256 | |
Hash | Bits | Broken? | Should use? | Notes |
MD5 | 128 | Yes | No | Collisions can be generated at will with desktop computational power. |
SHA-1 | 160 | Yes | No | Collision are expensive to generate, but a sufficiently motivated adversary can do it. |
SHA-2 | 224-512 | No | Yes | Pseudo-collisions generated with partial SHA-256, no full attacks. |
SHA-3 (Keccak) | 224-512 | No | Yes | Not widely implemented yet. |
Algorithm | Password? | Requires uniform random input? | Slow? | Notes |
Bcrypt | Yes | No | Yes | |
Scrypt | Yes | No | Yes | |
PBKDF2 | Yes | No | Yes | |
HKDF | No | Yes | No | |
Algorithm | Hash-based? | Block cipher based? | Notes |
Poly1305 | No | Yes | |
HMAC | Yes | Yes | |
CBC-MAC | No | Yes | |
PMAC | No | Yes | |
CMAC | No | Yes | |