Cryptoperiod

A cryptoperiod is the time span during which a specific cryptographic key is authorized for use. Common government guidelines[1] range from 1 to 3 years for asymmetric cryptography,[2] and 1 day to 7 days for symmetric cipher traffic keys.[3]

Factors to consider include the strength of the underlying encryption algorithm, key length, the likelihood of compromise through a security breach and the availability of mechanisms of revoking keys.

In traditional cryptographic practice, keys were changed at regular intervals, typically at the same time each day. The code word for a key change, in NSA parlance, is HJ or Hotel Juliet in the NATO phonetic alphabet.[4][5]

When cryptographic devices began to be used in large scale, those who had to update the key had to set a specific time to synchronize the re-key. This was accomplished at the hour (H) the Julian (J) Date changed, among crypto-accountants, managers and users the jargon "HJ" became the accepted term meaning it was time to change the crypto-key.

NESTOR in Vietnam

During the Vietnam War, the United States issued its forces a series of secure voice encryption equipment code-named NESTOR. According a U.S. Army history: "To maintain compatibility, key changes had to occur simultaneously in all units. The time chosen for this change was midnight, tactically the worst possible time because the greatest number of enemy contacts occurred from 2200 to 0200. Moreover, where several units shared the same keying device, having to move at night to change key settings was inconvenient and dangerous and added to the reasons for not using the equipment. Later the time of the daily NESTOR key change was moved to 0600."[6]

References


This article is issued from Wikipedia - version of the Monday, May 02, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.