Cryptographic Algorithms, Key Sizes and Parameters - ENISA recommendations for 2013

ENISA has just published a report on cryptographic algorithms, key sizes and parameters, written by a team of recognized European cryptographers.

This rather large document (96 pages) is an useful summary of the current state of the art around cryptographic algorithms and protocols. It lists all the known (and less known) algorithms, summarizing each one on current best recommendations on its usage (including "do not use"), key sizes and known attacks.

  • Block Cipher Basic Modes of Operation: ECB, CBC, OFB, CFB, CTR, XTS, EME.
  • Message Authentication Codes:Block Cipher Based MACs, GMAC, Hash Function Based MACs, OCB, CCB, EAX, CWC, GCM.
  • Key Derivation Functions: NIST-800-108-KDF, X9.63-KDF, NIST-800-56-KDFs, IKE-v1-KDF and IKE-v2-KDF, TLS-KDF
  • Public Key Encryption: RSA-PKCS# 1 v1.5, RSA-OAEP
  • Hybrid Encryption: RSA-KEM, PSEC-KEM, ECIES-KEM
  • Public Key Signatures: RSA-PKCS# 1 v1.5, RSA-PSS, RSA-FDH, ISO 9796-2 RSA Based Mechanisms, (EC)DSA, PV
  • Signatures, (EC)Schnor
  • Identity Based Encryption/KEMs: BF, BB, SK
  • Protocols: TLS, IPsec, SSH, Kerberos

The document could be better if it had clickable menu and discussed Salsa20/ChaCha and BLAKE algorithms.

Download from:

enisa-crypto-2013.pdf666.92 KB