Security/Guidelines/Key Management

From MozillaWiki
Revision as of 20:29, 23 October 2014 by Ulfr (talk | contribs)

The goal of this document is to help operational teams with the handling and management of cryptographic material. All Mozilla sites and deployments should follow the recommendations below. The Operations Security (OpSec) team maintains this document as a reference guide for operational teams.

Document Status: READY
Major Versions:
  • Version 1: kang/ulfr: creation

Data Classification

Key material

Key material refers to the cryptographic secrets that compose a key. All key material must be treated as restricted data, meaning that only individuals with specific training and a need to know should have access to it. Key material must be encrypted during transmission. Key material can be stored in clear text, but only with proper access control.

Public certificates

Public certificates are public and do not require specific access control or encryption.

Algorithms by security levels

This section organizes algorithms and key sizes by validity period, which represents the level of security provided. While a 10-year validity may be a requirement for very static keys, such as Root CAs, we recommend preferring 2-year keys and implementing reliable key rotation instead of trying to keep key material for long periods of time.

10 years

Type                  | Algorithm and key size | Bits of security
Asymmetric encryption | RSA 4096 bits          | 144 bits
Asymmetric encryption | ECDSA 384 bits         | 192 bits
Symmetric encryption  | AES-GCM 256 bits       | 256 bits
Hash & HMAC           | SHA-384                | 192 bits
Hash & HMAC           | SHA3-384               | 192 bits

2 years

Type                 | Algorithm and key size | Bits of security
Asymmetric keys      | RSA 2048 bits          | 112 bits
Asymmetric keys      | ECDSA 224 or 256 bits  | 112 bits
Symmetric encryption | AES-CBC 128 bits       | 128 bits
Hash & HMAC          | SHA-256                | 128 bits
Hash & HMAC          | SHA3-256               | 128 bits

Legacy, not recommended

The following algorithms and sizes are still widely used but do not provide sufficient security for modern services and should be deprecated as soon as possible, unless backward compatibility is a requirement.

Type                  | Algorithm and key size    | Bits of security
Asymmetric encryption | RSA 1024 bits and below   | 80 bits
Asymmetric encryption | ECDSA 160 bits and below  | 80 bits
Symmetric encryption  | 3DES                      |
Symmetric encryption  | RC4                       |
Hash & HMAC           | SHA-1                     | 80 bits
Hash & HMAC           | MD5                       | 64 bits
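
The asymmetric rows of the three tables above can be applied as an audit check. The following is an added example, not part of the original guideline or of any Mozilla tooling: it parses OpenSSH public key lines, reads the RSA modulus size or ECDSA curve size from the key blob, and reports which tier the key falls into. Assumptions: keys are in OpenSSH public key format, a size between two listed values is assigned the lower tier, and all function names are hypothetical.

```python
import base64

# Minimum sizes (bits) per tier, taken from the tables on this page.
RSA_TIERS = [(4096, "10 years"), (2048, "2 years")]
ECDSA_TIERS = [(384, "10 years"), (224, "2 years")]
LEGACY = "legacy, not recommended"


def field(data):  # encode one length-prefixed SSH wire-format string (RFC 4251)
    return len(data).to_bytes(4, "big") + data


def read_field(blob, offset):
    """Decode one length-prefixed field, rejecting truncated blobs."""
    length = int.from_bytes(blob[offset:offset + 4], "big")
    end = offset + 4 + length
    if offset + 4 > len(blob) or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end


def tier_for(bits, tiers):
    # Assumption: a size between two listed values gets the lower tier.
    return next((label for minimum, label in tiers if bits >= minimum), LEGACY)


def classify_public_key(line):
    """Return (algorithm, bits, tier) for one OpenSSH public key line."""
    label, b64 = line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    key_type, offset = read_field(blob, 0)
    if key_type != label.encode():
        raise ValueError("key type label does not match key blob")
    if key_type == b"ssh-rsa":
        _exponent, offset = read_field(blob, offset)
        modulus, _ = read_field(blob, offset)
        bits = int.from_bytes(modulus, "big").bit_length()
        return "RSA", bits, tier_for(bits, RSA_TIERS)
    if key_type.startswith(b"ecdsa-sha2-nistp"):
        bits = int(key_type[len(b"ecdsa-sha2-nistp"):])
        return "ECDSA", bits, tier_for(bits, ECDSA_TIERS)
    raise ValueError("algorithm not covered by the tables on this page")


def constructed_rsa_line(bits):
    """Constructed sample (not a real key): ssh-rsa line with a `bits`-bit modulus."""
    modulus = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    blob = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(modulus)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"
```

Running `classify_public_key` over each line of an `authorized_keys` file flags keys in the legacy tier; key types the tables do not list raise `ValueError` so they are reviewed by hand rather than silently passed.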

Handling

SSH

PGP/GnuPG

X509 Certificates and Keys