
Chapter 14. Cryptography

14.1. Primitives
14.2. Randomness

14.1. Primitives

Choosing from the following cryptographic primitives is recommended:
  • RSA with 2048 bit keys and OAEP
  • AES-128 in CBC mode
  • SHA-256
  • HMAC-SHA-256
  • HMAC-SHA-1
Other cryptographic algorithms can be used if they are required for interoperability with existing software:
  • RSA with key sizes larger than 1024 and legacy padding
  • AES-192
  • AES-256
  • 3DES (triple DES, with two or three 56 bit keys)
  • RC4 (but very, very strongly discouraged)
  • SHA-1
  • HMAC-MD5


These primitives are difficult to use in a secure way. In particular, CBC mode provides confidentiality only: the ciphertext is malleable, so it must always be combined with a MAC such as HMAC-SHA-256 computed over the IV and the ciphertext (encrypt-then-MAC), and the tag must be checked, in constant time, before any decryption or padding removal. Each CBC message also needs a fresh, unpredictable IV, and the encryption key and the MAC key must be independent. HMAC-SHA-1 remains on the recommended list because the known SHA-1 collision attacks do not weaken HMAC; plain SHA-1 (for signatures or certificates) is listed for interoperability only. Custom implementation of security protocols should be avoided. For protecting confidentiality and integrity of network transmissions, TLS should be used (Chapter 17, Transport Layer Security).
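The following is an added example, not code from this guide or from any Fedora project, showing the recommended primitives (AES-128 in CBC mode and HMAC-SHA-256) combined correctly as encrypt-then-MAC using only Go's standard library. The function names Seal and Open, the wire format IV || ciphertext || tag, and the demo keys are assumptions made for the example; real keys must come from a KDF or key agreement, and the two keys must be independent.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Wire format (an assumption for this example): IV || ciphertext || tag.
const (
	ivSize  = aes.BlockSize // 16 bytes
	tagSize = sha256.Size   // 32 bytes
)

// ErrAuth is returned for every message that fails authentication. Using one
// error for all failure modes avoids telling an attacker which check failed.
var ErrAuth = errors.New("message authentication failed")

// pkcs7Pad returns a padded copy of b whose length is a multiple of n.
func pkcs7Pad(b []byte, n int) []byte {
	p := n - len(b)%n
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(p)}, p)...)
}

// pkcs7Unpad strips PKCS#7 padding, rejecting malformed padding.
func pkcs7Unpad(b []byte, n int) ([]byte, error) {
	if len(b) == 0 || len(b)%n != 0 {
		return nil, ErrAuth
	}
	p := int(b[len(b)-1])
	if p == 0 || p > n {
		return nil, ErrAuth
	}
	for _, c := range b[len(b)-p:] {
		if int(c) != p {
			return nil, ErrAuth
		}
	}
	return b[:len(b)-p], nil
}

// Seal encrypts plaintext with AES-128-CBC under encKey (16 bytes) using a
// fresh random IV, then authenticates IV||ciphertext with HMAC-SHA-256 under
// macKey (encrypt-then-MAC). encKey and macKey must be independent keys.
func Seal(encKey, macKey, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(encKey) // a 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(plaintext, aes.BlockSize)
	msg := make([]byte, ivSize+len(padded), ivSize+len(padded)+tagSize)
	if _, err := rand.Read(msg[:ivSize]); err != nil { // unpredictable IV, never reused
		return nil, err
	}
	cipher.NewCBCEncrypter(block, msg[:ivSize]).CryptBlocks(msg[ivSize:], padded)
	mac := hmac.New(sha256.New, macKey)
	mac.Write(msg)           // the tag covers the IV as well as the ciphertext
	return mac.Sum(msg), nil // appends the 32-byte tag to the message
}

// Open verifies the tag in constant time and only then decrypts. A tampered
// message is rejected before any padding is inspected, which closes the
// padding-oracle channel that unauthenticated CBC exposes.
func Open(encKey, macKey, msg []byte) ([]byte, error) {
	if len(msg) < ivSize+aes.BlockSize+tagSize {
		return nil, ErrAuth
	}
	body, tag := msg[:len(msg)-tagSize], msg[len(msg)-tagSize:]
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) { // constant-time comparison
		return nil, ErrAuth
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	iv, ct := body[:ivSize], body[ivSize:]
	if len(ct)%aes.BlockSize != 0 {
		return nil, ErrAuth
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return pkcs7Unpad(pt, aes.BlockSize)
}

func main() {
	// Constructed demo keys; real keys come from a KDF or key agreement.
	encKey := bytes.Repeat([]byte{0x11}, 16)
	macKey := bytes.Repeat([]byte{0x22}, 32)
	sealed, err := Seal(encKey, macKey, []byte("attack at dawn"))
	if err != nil {
		panic(err)
	}
	pt, err := Open(encKey, macKey, sealed)
	fmt.Printf("roundtrip: %q err=%v\n", pt, err)
	sealed[ivSize] ^= 0x01 // flip one ciphertext bit
	_, err = Open(encKey, macKey, sealed)
	fmt.Println("tampered:", err)
}
```

The order of operations in Open is the point: the HMAC is checked with hmac.Equal before the cipher is even instantiated, so neither decryption nor padding validation ever runs on data the sender did not authenticate. The same construction is what a TLS record layer provides, which is why the guide recommends TLS rather than hand-built protocols for network traffic.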