Journal of AHIMA - May 2011

example, the Advanced Encryption Standard using a 192-bit key (AES-192) provides stronger protection than the Advanced Encryption Standard using a 128-bit key (AES-128) because there are more possible values for a 192-bit key than for a 128-bit key.

Generate a strong cryptographic key and transport it securely. If an attacker can get information about certain bits of the key, then the encryption function using this key does not provide the necessary level of protection. For example, if the key is two bits and the attacker knows that the first bit of the key is equal to the second bit, then the attacker needs to try only two possible keys, 00 and 11, instead of four combinations.

Ideally, a cryptographic key is a randomly generated string of
bits that provides the attacker with no information about any
bits of the key. Keys can be generated using a Deterministic
Random Bit Generator, a function used to generate high-qual-
ity random bits for an encryption key. The National Institute of
Standards and Technology’s “Recommendation for Random
Number Generation Using Deterministic Random Bit Genera-
tors” recommends NIST-approved mechanisms for the genera-
tion of random bits using deterministic methods.

An encryption algorithm that uses a
longer key provides a greater level
of confidentiality protection.

In many secure communication protocols (e.g., TLS), the cryptographic key may be generated through cooperation of the encrypting and decrypting entities. NIST’s “ Recommendation for Key Management—Parts 1 and 2” provide guidelines on these key agreement schemes.

In an application where the encrypting entity needs to share the key with a separate decrypting entity, the key must be transported to the decrypting entity in a secure manner. This transportation can be done physically using an electronic device such as a USB drive that holds the cryptographic key. It can also be done electronically over a computer network. NIST’s “ Recommendation for Key Management—Parts 1 and 2” provide guidelines on methods of secure key transport.

Encrypt all copies of the data. All data that require confidentiality protection should be encrypted if there is a possibility that an unauthorized person could access it. Data at rest in an operational environment are frequently encrypted. However, all copies of data, including data in storage and back-up environments, should also be encrypted to provide comparable protection.

Transition to NIST-approved encryption functions. Over time, changes in the use of encryption may be necessary because of cryptographic attacks on encryption algorithms or the availability of more powerful computing techniques and/or devices. Data encrypted in the past using a non-NIST–approved encryption algorithm or a NIST-approved encryption algorithm that has become obsolete should be encrypted using a current NIST-approved encryption algorithm to ensure a strong level of protection for the data. NIST’s “Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths” identifies current approved algorithms and timelines for acceptable use.

For more information on encryption processes and technologies, visit NIST’s Computer Security Resource Center at http:// csrc.nist.gov. ¢

Kevin Stine is an information security specialist and Quynh Dang is a computer scientist for the National Institute of Standards and Technology, Information Technology Laboratory, Computer Security Division.