Article · Wikipedia archive · Last revised Jun 1, 2026

Cryptography standards

There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis.

Last revised
Jun 1, 2026
Read time
≈ 5 min
Length
1,191 w
Citations
15
Source
Wikipedia ↗

There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis.

Encryption standards

Hash standards

Digital signature standards

Public-key infrastructure (PKI) standards

  • X.509 Public Key Certificates

Wireless Standards

U.S. Government Federal Information Processing Standards (FIPS)

  • FIPS PUB 31 Guidelines for Automatic Data Processing Physical Security and Risk Management 1974
  • FIPS PUB 46-3 Data Encryption Standard (DES) 1999
  • FIPS PUB 73 Guidelines for Security of Computer Applications 1980
  • FIPS PUB 74 Guidelines for Implementing and Using the NBS Data Encryption Standard 1981
  • FIPS PUB 81 DES Modes of Operation 1980
  • FIPS PUB 102 Guideline for Computer Security Certification and Accreditation 1983
  • FIPS PUB 112 Password Usage 1985, defines 10 factors to be considered in access control systems that are based on passwords
  • FIPS PUB 113 Computer Data Authentication 1985, specifies a Data Authentication Algorithm (DAA) based on DES, adopted by the Department of Treasury and the banking community to protect electronic fund transfers.
  • FIPS PUB 140-2 Security Requirements for Cryptographic Modules 2001, defines four increasing security levels
  • FIPS PUB 171 Key Management Using ANSI X9.17 (ANSI X9.17-1985) 1992, based on DES
  • FIPS PUB 180-2 Secure Hash Standard (SHS) 2002 defines the SHA family
  • FIPS PUB 181 Automated Password Generator (APG) 1993
  • FIPS PUB 185 Escrowed Encryption Standard (EES) 1994, a key escrow system that provides for decryption of telecommunications when lawfully authorized.
  • FIPS PUB 186-2 Digital Signature Standard (DSS) 2000
  • FIPS PUB 190 Guideline for the Use of Advanced Authentication Technology Alternatives 1994
  • FIPS PUB 191 Guideline for the Analysis of local area network Security 1994
  • FIPS PUB 196 Entity Authentication Using Public Key Cryptography 1997
  • FIPS PUB 197 Advanced Encryption Standard (AES) 2001
  • FIPS PUB 198 The Keyed-Hash Message Authentication Code (HMAC) 2002

Internet Requests for Comments (RFCs)

Below is a non-exhaustive overview of notable cryptography-related RFCs, grouped by topic.

Transport Security
  • RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3 Defines secure web communication (HTTPS), introduces modern cipher suites and removes legacy cryptography.1
  • RFC 5246 The Transport Layer Security Protocol Version 1.2 Predecessor to TLS 1.3, still widely implemented.2
Public-Key Cryptography and Signatures
  • RFC 8017 RSA Cryptography Specifications Defines RSA encryption and signature schemes such as RSA-OAEP and RSASSA-PSS.3
  • RFC 6979 Specifies deterministic generation of the nonce in DSA/ECDSA to avoid catastrophic randomness failures.4
  • RFC 7748 Defines modern elliptic curves X25519 and X448 for Diffie–Hellman key exchange.5
Symmetric Cryptography and MACs
  • RFC 2104 Defines the HMAC construction, widely used with hash functions such as SHA-256.6
  • RFC 5869 A widely used key derivation function used in protocols like TLS 1.3.7
  • RFC 8439 Defines the ChaCha20 stream cipher and Poly1305 MAC AEAD construction used in TLS, SSH, and QUIC.8
Public-Key Infrastructure and Certificates
  • RFC 5280 Defines the Internet profile for X.509 certificates, used by TLS certificate authorities.9
  • RFC 6960 Defines a protocol for checking certificate revocation status.10
Secure Messaging and Data Formats
  • RFC 5652 Defines the message format used for secure email (S/MIME).11
  • RFC 4880 Specifies the OpenPGP encryption and signature format used in tools like GnuPG.12
Network Security (IPsec)
  • RFC 4301 Defines the overall IPsec security architecture.13
  • RFC 4303 Specifies encrypted IP packets for IPsec.14
  • RFC 7296 Defines key exchange and authentication for IPsec VPNs.15

Classified Standards

  • EKMS NSA's Electronic Key Management System
  • FNBDT NSA's secure narrow band voice standard
  • Fortezza encryption based on portable crypto token in PC Card format
  • STE secure telephone
  • STU-III older secure telephone
  • TEMPEST prevents compromising emanations

Other

See also

See also

References

References

  1. E. Rescorla (August 2018). The Transport Layer Security (TLS) Protocol Version 1.3. Internet Engineering Task Force TLS workgroup. doi:10.17487/RFC8446. RFC 8446. Proposed Standard. Obsoletes RFC 5077, 5246 and 6961. Updates RFC 5705 and 6066.
  2. T. Dierks; E. Rescorla (August 2008). The Transport Layer Security (TLS) Protocol Version 1.2. IETF TLS workgroup. doi:10.17487/RFC5246. RFC 5246. Obsolete. Obsoleted by RFC 8446. Obsoletes RFC 3268, 4346 and 4366; updates RFC 4492.
  3. B. Kaliski; A. Rusch; J. Johnsson; A. Rusch (November 2016). K. Moriarty (ed.). PKCS #1: RSA Cryptography Specifications Version 2.2. Internet Engineering Task Force. doi:10.17487/RFC8017. ISSN 2070-1721. RFC 8017. Informational. Obsoletes RFC 3447.
  4. T. Pornin (August 2013). Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA). Independent Submission. doi:10.17487/RFC6979. ISSN 2070-1721. RFC 6979. Informational.
  5. A. Langley; M. Hamburg; S. Turner (January 2016). Elliptic Curves for Security. Internet Engineering Task Force. doi:10.17487/RFC7748. ISSN 2070-1721. RFC 7748. Informational.
  6. H. Krawczyk; M. Bellare; R. Canetti (February 1997). HMAC: Keyed-Hashing for Message Authentication. IETF Network Working Group. doi:10.17487/RFC2104. RFC 2104. Informational. Updated by RFC 6151.
  7. Krawczyk, Hugo; Eronen, Pasi (May 2010). HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Internet Engineering Task Force (IETF). doi:10.17487/RFC5869. RFC 5869. Informational.
  8. Y. Nir; A. Langley (June 2018). ChaCha20 and Poly1305 for IETF Protocols. Internet Research Task Force. doi:10.17487/RFC8439. ISSN 2070-1721. RFC 8439. Informational. Obsoletes RFC 7539.
  9. Cooper, D.; Santesson, S.; Farrell, S.; Boeyen, S.; Housley, R.; Polk, W. (May 2008). Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. IETF. doi:10.17487/RFC5280. RFC 5280. Proposed Standard. Updated by RFC 9549, 9598, 8398, 8399 and 6818. Obsoletes RFC 4630, 4325 and 3280.
  10. S. Santesson; M. Myers; R. Ankey; S. Galperin; C. Adams (June 2013). X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. Internet Engineering Task Force. doi:10.17487/RFC6960. RFC 6960. Proposed Standard. Updated by RFC 8954. Obsoletes RFC 6277 and 2560. Updates RFC 5912.
  11. Housley, Russ (September 2009). Cryptographic Message Syntax (CMS). Internet Engineering Task Force (IETF). doi:10.17487/RFC5652. RFC 5652. Internet Standard. Obsoletes RFC 3852.
  12. J. Callas; L. Donnerhacke; H. Finney; D. Shaw; R. Thayer (November 2007). OpenPGP Message Format. Network Working Group. doi:10.17487/RFC4880. RFC 4880. Proposed Standard. Obsoletes RFC 1991 and RFC 2440. Obsoleted by RFC 9580.
  13. S. Kent; K. Seo (December 2005). Security Architecture for the Internet Protocol. Network Working Group. doi:10.17487/RFC4301. RFC 4301. Proposed Standard. Obsoletes RFC 2401. Updated by RFC 6040 and 7619.
  14. S. Kent (December 2005). IP Encapsulating Security Payload. Network Working Group. doi:10.17487/RFC4303. RFC 4303. Proposed Standard. Obsoletes RFC 2406.
  15. Kaufman, Charlie; Hoffman, Paul; Nir, Yoav; Eronen, Pasi; Kivinen, Tero (October 2014). Internet Key Exchange Protocol Version 2 (IKEv2). Internet Engineering Task Force (IETF). doi:10.17487/RFC7296. RFC 7296. Internet Standard. Obsoletes RFC 5996.