Question

How long should a key be used before it is replaced? Search the Internet for information regarding cryptoperiods for hash, symmetric, and asymmetric algorithms. Find at least three sources for each of the algorithms. Write a summary of what you find in regards to the recommended times and figure the average time between all three of your sources. Do you agree with the average time for a hash, symmetric, and asymmetric algorithms? What would you recommend for each? Why? Please make sure it is 150 words.

Answer 1

A cryptographic key is generated through a key management system. It is then stored in a key storage database, and is activated upon creation or can be activated later. The time for which a key is used before it is replaced is called as the life cycle of the cryptographic key or also called as the crypto period of the key. A cryptoperiod is defined as the period during which a key can be utilized. Crypto period is a operational life of a key and is defined by number of factors like the sensitivity of the data or keys to be protected and number of keys to be protected,
length of the key, etc. Even after replacing a key the key is not totally removed but is stored in archives so that is can be retrievable in special cases.

Symmetric key algorithm are those which generate the same key for reciever side and sender's side. In case of symmetric key or symmetric algorithm key the cryptoperiod of the symmetric key is from the beginning of the originator usage period(the period of time key protection is applied to the data) to the end of the recipient usage period(the period of time during which the protected information is processed). It ranges from 1 to 7 days for symmetric keys.

Assymetric key algorithm are those which generate different keys for both sender's side and and a different one for reciever side. Unlike in case of Symmetric key algorithm as there are different keys for both sides their cryptoperiod can be long may bo of the order of several years. As in case of any keys the reliability of the signature is redused with the passage of time. Vulnerability of a key is expected to increase with time. Choosing a larger key size can solve this issue and that is why assymetric keys are considered to must have a longer key size and that is why theri cryptoperiod is larger.

Hash algorithm are cryptographic hash functions that generate a fixed length result ( hash or hash value) from the given input. It maps data of arbitary size to a hash of a fixed size. Firstly hash algorithms were irreversible algorithm but with recent years it changed and hash algorithms were made reversible like MD5. There is no key in hash algorithm because it scrambles plain text to give a unique message digest. So, there is no cryptoperiod.

Types of Symmetric key algorithm are-

===============================

DES and Triple DES

RC algorithm family(RC2 and RC4)

AES(Advance Eencryption Standards)

Types of Assymetric key algorithm-

============================

RSA Asymmetric Encryption Algorithm

ECC Asymmetric Encryption Algorithm

El Gamal and DSA

Types of Hash Key Algorithm-

========================

SHA-1 (Secure Hashing Algorithm)

MD5 & MD4(Message Digest)

CRC32

Yes, I agree with the average tiime for hash, symmetric and asymmetric algorithms.