Cryptographic Standards and RFCs

Cryptographic Standards and RFCs

The following are standards and RFCs (requests for comment) that define the cryptographic primitives and algorithms used in InterSystems security:

• AES (Advanced Encryption Standard) encryption — FIPS (Federal Information Processing Standards) 197

• AES Key Wrap —

  • NIST (National Institute of Standards and Technology) document “Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping” (https://csrc.nist.gov/CryptoToolkit/kms/AES_key_wrap.pdfOpens in a new tab)

  • IETF (Internet Engineering Task Force) RFC 3394

• Base64 encoding — RFC 3548

• Block padding — PKCS (Public-Key Cryptography Standards) #7 and RFC 2040

• CBC (Cipher Block Chaining) cipher mode — NIST 800-38A

• Deterministic random number generator —

  • FIPS PUB 140-2, Annex C

  • FIPS PUB 186-2, Change Notice 1, Appendix 3.1 and Appendix 3.3

• GSS (Generic Security Services) API —

  • The Kerberos Version 5 GSS-API Mechanism — RFC 1964

  • Generic Security Service Application Program Interface, Version 2, Update 1 — RFC 2743

  • Generic Security Service API Version 2: C Bindings — RFC 2744

  • Generic Security Service API Version 2: Java Bindings — RFC 2853

• Kerberos Network Authentication Service (V5) — RFC 1510

• Hash-based Message Authentication Code (HMAC) — FIPS 198 and RFC 2104

• Message Digest 5 (MD5) hash — RFC 1321

• Password-Based Key Derivation Function 2 (PBKDF2) — PKCS #5 v2.1 and RFC 8018

• Secure Hash Algorithm (SHA-1) — FIPS 180-2 and RFC 3174

• Secure Hash Algorithm (SHA-512) — FIPS 180-2 and RFC 6234

All these documents are available online:

• FIPS documentsOpens in a new tab

• NIST documentsOpens in a new tab

• RFCsOpens in a new tab (IETF)