Question

a) Cryptoperiods

A cryptographic key is a value (essentially a random string of bits) that serves as input to an algorithm, which then transforms plain text into ciphertext (and vice versa for decryption). One of the important characteristics that determines key strength is its cryptoperiod [1]. Or the length of time for which the key is authorised for use.

1. From current literature survey, critically analyse and discuss cryptoperiods for hash, symmetric, and asymmetric algorithms. Find at least three sources for each of the algorithms (select two algorithms from each category).
2. Draw a table to list the algorithms and the recommend time, and then calculate the average of each.
3. Provide recommendation on the cryptoperiods for each selected algorithm.

Answer 1

Algorithm	Max Time	Average
Hash	2yrs 1.5yrs 2yrs	1.8yrs
Symmetric	2yrs 2yrs 2yrs	2 yrs
Asymetric	3yrs 3yrs 2yrs	2.7 yrs

The cryptoperiods suggested are only rough guidelines; longer or shorter cryptoperiods may be warranted, depending on the application and environment in which the keys will be used. However, when assigning a longer cryptoperiod than that suggested below, serious consideration should be given to the risks associated with doing so. Shorter is always better even though it might not be easier to apply. I would recommend the shortest time for each cryptoperiod because of the risks associated with longer periods