ISO-approved encryption is divided into two categories: Preferred and Acceptable. Preferred encryption methods were chosen based on standard industry usage and their ability to support RIT business processes. RIT's current product is SentinelOne.
RIT Security Standard
Network Connections (including web browsers)
TLS version 1.3 is recommended, although TLS 1.2 is acceptable.
TLS 1.2 Hybrid is recommended for quantum-resistant encryption.
SSL and TLS 1.0/1.1 are no longer secure.
AES 256-bit is recommended, although AES 128-bit or higher is acceptable.
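The Go program below is an added illustration of the network-connection rules above; it is not part of the RIT standard or of any RIT tooling. It builds a crypto/tls client that refuses anything below TLS 1.2 and, when TLS 1.2 is negotiated, offers only forward-secret AES-GCM suites, then runs an in-memory handshake against a throwaway test server whose highest version the caller picks, so a server capped at TLS 1.0 is visibly refused while TLS 1.2 and TLS 1.3 servers are accepted. RateSession reads the standard literally: TLS 1.3 with AES-256 is preferred, TLS 1.2 or AES-128 is acceptable, and older versions or non-AES suites (including the TLS 1.3 ChaCha20 suite, which the standard does not list) are reported as not permitted. The self-signed localhost certificate, the test server and all function names are assumptions constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"strings"
	"time"
)

// RateSession maps a negotiated version and suite onto the standard's tiers. It is literal:
// only AES suites are in scope, so a TLS 1.3 ChaCha20 session is reported as not permitted.
func RateSession(version, suite uint16) string {
	name := tls.CipherSuiteName(suite) // e.g. TLS_AES_256_GCM_SHA384
	switch {
	case version < tls.VersionTLS12, !strings.Contains(name, "AES"):
		return "not permitted"
	case version == tls.VersionTLS13 && strings.Contains(name, "AES_256"):
		return "preferred"
	default:
		return "acceptable" // TLS 1.2 with AES, or TLS 1.3 with AES-128
	}
}

// ClientConfig enforces the client side: nothing below TLS 1.2 and, for TLS 1.2, only
// forward-secret AES-GCM suites. TLS 1.3 suites are not configurable in Go (see RateSession).
func ClientConfig(roots *x509.CertPool) *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS12,
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		},
		RootCAs:    roots,
		ServerName: "localhost",
	}
}

// selfSignedCert builds throwaway test material: a P-256 certificate for "localhost" and a
// root pool that trusts it. Failure here means a broken platform, so it panics.
func selfSignedCert() (tls.Certificate, *x509.CertPool) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		DNSNames:     []string{"localhost"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der) // der was just produced by CreateCertificate
	roots := x509.NewCertPool()
	roots.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, roots
}

// Handshake runs one in-memory handshake between a ClientConfig client and a test server
// that speaks TLS 1.0 up to serverMax; it returns the negotiated state or the client's error.
func Handshake(serverMax uint16) (tls.ConnectionState, error) {
	cert, roots := selfSignedCert()
	serverCfg := &tls.Config{
		Certificates:           []tls.Certificate{cert},
		MinVersion:             tls.VersionTLS10, // a legacy server that still offers old versions
		MaxVersion:             serverMax,
		SessionTicketsDisabled: true, // no post-handshake writes into the synchronous pipe
	}
	clientEnd, serverEnd := net.Pipe()
	defer func() { clientEnd.Close(); serverEnd.Close() }()
	server := tls.Server(serverEnd, serverCfg)
	client := tls.Client(clientEnd, ClientConfig(roots))
	serverDone := make(chan error, 1)
	go func() { serverDone <- server.Handshake() }()
	err := client.Handshake()
	<-serverDone // let the server side finish before the pipe ends are closed
	if err != nil {
		return tls.ConnectionState{}, err
	}
	return client.ConnectionState(), nil
}

func main() {
	for _, max := range []uint16{tls.VersionTLS13, tls.VersionTLS12, tls.VersionTLS10} {
		if cs, err := Handshake(max); err != nil {
			fmt.Printf("server max %#04x: refused: %v\n", max, err)
		} else {
			fmt.Printf("server max %#04x: negotiated %#04x %s -> %s\n", max, cs.Version, tls.CipherSuiteName(cs.CipherSuite), RateSession(cs.Version, cs.CipherSuite))
		}
	}
}
```

Run it with go run; each output line names the server's version ceiling, the negotiated version and suite, and the rating. Because a Go client cannot restrict which TLS 1.3 suites it accepts, the rating is applied to the negotiated session after the handshake rather than only in the configuration; a monitoring job that records ConnectionState for real servers can use RateSession the same way.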
Desktop and Portable Computer
Centrally-managed whole disk encryption is required to meet the 2015 Desktop and Portable Computer standard. 3DES is no longer considered secure.
AES is recommended at 256-bit, although AES 128-bit or higher is acceptable.
RC4 is no longer supported.
AES 256-bit is recommended, although AES 128-bit and Twofish are acceptable.
3DES and Truecrypt are no longer considered secure.
Public/Private Key Encryption and Signing
Diffie-Hellman 3072-bit and RSA 3072-bit are recommended, although PGP 2048-bit or greater is acceptable.
CRYSTALS-Kyber is recommended for quantum-resistant encryption. RSA 2048-bit is adequate, although not recommended.
CRYSTALS-Dilithium, SHA-2 or greater and the Tiger hash are all adequate for hash comparison.
SHA-1, RIPEMD-128 and RIPEMD-160 are considered strong algorithms, but there is reason to suspect that they may be susceptible to collisions (two different inputs producing the same hash), so their use is not recommended in situations where collision resistance is required. In such cases, SHA-2 is acceptable. MD5 is no longer considered secure.
Use of non-preferred encryption methods is discouraged. However, we recognize that there may be times when business or other requirements may be better served with an alternative algorithm. In those cases, developers should reference the Educause Encryption Strength Support Matrix. Algorithms with a strength rating of High are acceptable for use at RIT. Use of algorithms with a strength rating of Low or Medium is not permitted.
Encryption strength is a relative concept. Both the algorithm used and the length of the key used to encrypt data determine the strength of encryption. Encryption services also perform various cryptographic functions beyond data encryption.
Key Management Requirements
Security of the key management process for encryption keys is especially important. Security of encrypted content (ciphertext) may be compared to a physical lock and key. The algorithm provides the lock. The encryption key unlocks the ciphertext. If the key is weak or compromised, the encryption can be broken. Key revocation provides a means to disallow or change a compromised key and "re-key" the lock.
Many encryption algorithms have the potential to lock access to data permanently if the key is lost. Key escrow provides a "copy" of the key to enable access to the data.
Centralized encryption/key management ensures that data will remain both encrypted and accessible. Non-centralized or individual encryption without key escrow may disallow access to the encrypted RIT information if the key is lost. Use of non-centralized or individual encryption of RIT information assets would be allowed only through a granted exception and would require an ISO-reviewed key escrow and revocation process.
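As an added illustration of the escrow and revocation requirements above (not RIT's own process or code), the Go program below uses envelope encryption with AES-256-GCM: each asset is sealed under its own data key (DEK), and the DEK is wrapped separately for the user and for a central escrow holder. Losing the user's key is survivable because the escrow copy still unwraps the DEK, and revoking a compromised key rebuilds the record under a fresh DEK so the old key cannot open the data even if it was used to extract the DEK earlier. The "user" and "escrow" labels, the fixed demo keys and all function names are assumptions constructed for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM wraps a 32-byte key as AES-256-GCM; a wrong key length is a caller bug, hence the panic.
func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return gcm
}

// aeadSeal encrypts and authenticates plaintext, prefixing the random nonce to the output.
func aeadSeal(key, plaintext, aad []byte) ([]byte, error) {
	gcm := newGCM(key)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// aeadOpen reverses aeadSeal; a wrong key, wrong AAD or any modified byte fails to open.
func aeadOpen(key, sealed, aad []byte) ([]byte, error) {
	gcm := newGCM(key)
	if len(sealed) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short (%d bytes)", len(sealed))
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// Record is one encrypted asset: data sealed under its own data key (DEK), plus that DEK
// wrapped once per key holder. The holder labelled "escrow" is the centrally managed copy.
type Record struct {
	Data        []byte
	WrappedDEKs map[string][]byte // holder label -> DEK sealed under that holder's KEK
}

// Encrypt seals plaintext under a fresh DEK and wraps the DEK for every holder in
// holders (label -> 32-byte key-encryption key). holders should include "escrow".
func Encrypt(plaintext []byte, holders map[string][]byte) (*Record, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return nil, err
	}
	data, err := aeadSeal(dek, plaintext, []byte("data"))
	if err != nil {
		return nil, err
	}
	rec := &Record{Data: data, WrappedDEKs: map[string][]byte{}}
	for label, kek := range holders { // the label is bound as AAD, so copies cannot be swapped
		if rec.WrappedDEKs[label], err = aeadSeal(kek, dek, []byte("dek:"+label)); err != nil {
			return nil, err
		}
	}
	return rec, nil
}

// Decrypt opens the data with whichever holder's KEK is presented. A lost user key is the
// escrow case: Decrypt(rec, "escrow", escrowKEK) still works.
func Decrypt(rec *Record, label string, kek []byte) ([]byte, error) {
	wrapped, ok := rec.WrappedDEKs[label]
	if !ok {
		return nil, fmt.Errorf("no wrapped key for holder %q", label)
	}
	dek, err := aeadOpen(kek, wrapped, []byte("dek:"+label))
	if err != nil {
		return nil, fmt.Errorf("holder %q: cannot unwrap data key: %w", label, err)
	}
	return aeadOpen(dek, rec.Data, []byte("data"))
}

// Revoke re-keys the lock after a holder's KEK is compromised. Dropping the wrapped copy is
// not enough (the holder may already have the DEK), so the escrow copy recovers the plaintext
// and the record is rebuilt under a new DEK for the holders passed in.
func Revoke(rec *Record, escrowKEK []byte, holders map[string][]byte) error {
	plaintext, err := Decrypt(rec, "escrow", escrowKEK)
	if err != nil {
		return err
	}
	fresh, err := Encrypt(plaintext, holders)
	if err == nil {
		*rec = *fresh
	}
	return err
}

func main() {
	// Constructed demo keys; real KEKs live in the key-management system, never in source.
	user, escrow, replacement := bytes.Repeat([]byte{1}, 32), bytes.Repeat([]byte{2}, 32), bytes.Repeat([]byte{3}, 32)
	rec, _ := Encrypt([]byte("RIT information asset"), map[string][]byte{"user": user, "escrow": escrow})
	fmt.Println("revoke:", Revoke(rec, escrow, map[string][]byte{"user": replacement, "escrow": escrow}))
	_, err := Decrypt(rec, "user", user)
	fmt.Println("old user key after revocation:", err)
}
```

In this layout the bulk data is never held by the key-management system, only the wrapped DEKs, and a production version would refuse to create a record whose holders omit the escrow copy, which is the property the exception process above exists to guarantee.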