SPDX Cryptographic Algorithms List properties description

id

  • Description: unique identifier for every cryptographic algorithm. This list provides an identifier per algorithm.
  • Cardinality: [1]
  • Values: string, where the usage of lower or upper case characters depends on each algorithm

oid

  • Description: unique, globally unambiguous identifier, managed by registration authorities to ensure it clearly identifies a specific object, such as a cryptographic algorithm
  • Cardinality: [0..*]
  • Values: series of integers separated by dots, where each number represents a level in a tree structure

name

  • Description: widely accepted name provided by the author of the algorithm or a standardization body
  • Cardinality: [1]
  • Values: string

commonkeySize

  • Description: the detected key size
  • Cardinality: [0..*]
  • Values:
    • , where is an integer, provided in bits.
    • ['','', ... ''], where , , ... are different integers, provided in bits, and in ascending order.

specifiedkeySize

  • Description: the default key size or range determined by the authors of the algorithm, standardization or compliance bodies/agencies
  • Cardinality: [0..*]
  • Values: one of these options, or a combination of them, is valid
    • , where is an integer, provided in bits.
    • ['','', ... ''], where , , ... are different integers, provided in bits, and in ascending order.
    • {min: '', max: ''}, where is the minimum integer, and is the maximum integer of the range, both provided in bits.

cryptoClass

  • Description: cryptographic algorithms are categorized in classes. The classes are defined by the number of cryptographic keys that are used in conjunction with the algorithm.
    • Cryptographic hash functions do not require keys for their basic operation.
    • Symmetric-key algorithms transform data in a way that is fundamentally difficult to undo without knowledge of a secret key. The key is “symmetric” because the same key is used for a cryptographic operation and its inverse.
    • Asymmetric-key algorithms, commonly known as public-key algorithms, use two related keys (i.e., a key pair) to perform their functions: a public key and a private key. The public key may be known by anyone; the private key should be under the sole control of the entity that “owns” the key pair. Even though the public and private keys of a key pair are related, knowledge of the public key cannot be used to determine the private key.
  • Cardinality: [1]
  • Values: "Cryptographic-Hash-Function" , "Symetric-Key-Algorithm" or "Asymmetric-Key-Algorithm"

cryptoSubClass

  • Description: each class of algorithms is categorised in subclasses. These subclasses are based on or inspired by:
    • NIST Special Publication (SP) 800-57 Part 1, Rev. 4, January
    • Input from the SPDX Cryptographic Algorithms List Group members
  • Cardinality: [0..1]
  • Values:
    • cryptoClass "Cryptographic-Hash-Function"
      • cryptoSubClass values: "Hash-Function" , "Password-Hashing" , "Message-Authentication-Code" , "Checksum"
    • cryptoClass "Symetric-Key-Algorithm"
      • cryptoSubClass values: "Block-Cipher" , "Stream-Cipher" , "Encoding" , "Random-Number-Generator" , "Key-Derivation"
    • cryptoClass "Asymmetric-Key-Algorithm"
      • cryptoSubClass values: "Public-Key-Encryption" , "Public-Key-Cipher" , "Elliptic-Curve-Cryptography" , "Digital-Signature" , "Post-Quantum-Cryptography" , "Protocol", "Hybrid-Cipher" or "Key-Exchange-Mechanism"

Notes:

  1. The subclasses have been added to the cryptoClass property, separated from the class by a "/" character. This specific way to structure the subclasses is WIP.
  2. cryptoSubClass values are currently WIP

reference

  • Description: A link or reference to the authoritative publication, standard, or technical specification that formally defines the cryptographic algorithm. This resource MUST provide details on the algorithm’s mathematical basis, rationale, intended applications, and implementation considerations.
  • Cardinality: [1..*]
  • Value: Array of strings (each string must be a valid URL)
    • Each reference should be placed on a different line, as a list.
    • Ordering and Prioritization Rules:
      • Highest priority: Official specification published by a recognized standardization body (e.g., NIST, IETF, ISO/IEC, ANSI, ETSI, RFC series, etc.).
      • Next priority: Original research paper or technical report published by the algorithm designers/authors.
      • Next priority: Any other authoritative, publicly accessible and free of charge document that provides the required detail about the algorithm.
      • Additional references (optional): Any other authoritative documents that provide the required detail about the algorithm.
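
The cardinalities and value rules above, applied to one entry as an added example (not part of the SPDX project's own tooling). It assumes an entry is loaded as a dictionary keyed by these property names, that key sizes arrive as integers or digit strings, and that a "valid URL" is one with both a scheme and a host; `validate_entry` and its helpers are hypothetical names.

```python
from urllib.parse import urlparse

SUBCLASSES = {  # class -> subclasses, spelled exactly as this page lists them
    "Cryptographic-Hash-Function": "Hash-Function Password-Hashing "
        "Message-Authentication-Code Checksum".split(),
    "Symetric-Key-Algorithm": "Block-Cipher Stream-Cipher Encoding "
        "Random-Number-Generator Key-Derivation".split(),
    "Asymmetric-Key-Algorithm": "Public-Key-Encryption Public-Key-Cipher "
        "Elliptic-Curve-Cryptography Digital-Signature Post-Quantum-Cryptography "
        "Protocol Hybrid-Cipher Key-Exchange-Mechanism".split(),
}

def _as_list(v):  # assumption: a property holds one value or a list of them
    return [] if v is None else v if isinstance(v, list) else [v]
def _bits(x):  # assumption: a size is an int or a string of decimal digits
    return int(x) if str(x).isdecimal() else None

def _key_size_errors(prop, value, allow_range):
    errs, ints = [], []
    for item in _as_list(value):
        if allow_range and isinstance(item, dict) and set(item) == {"min", "max"}:
            lo, hi = _bits(item["min"]), _bits(item["max"])
            if lo is None or hi is None or lo > hi:
                errs.append(f"{prop}: invalid range {item!r}")
        elif _bits(item) is None:
            errs.append(f"{prop}: unsupported value {item!r}")
        else:
            ints.append(_bits(item))
    if any(a >= b for a, b in zip(ints, ints[1:])):
        errs.append(f"{prop}: sizes must be distinct and ascending")
    return errs

def validate_entry(e):
    errs = [f"{k}: required string" for k in ("id", "name")
            if not (isinstance(e.get(k), str) and e[k])]
    errs += [f"oid: bad value {o!r}" for o in _as_list(e.get("oid"))
             if not all(p.isdecimal() for p in str(o).split("."))]
    for prop, allow_range in (("commonkeySize", False), ("specifiedkeySize", True)):
        errs += _key_size_errors(prop, e.get(prop), allow_range)
    cls, _, inline_sub = str(e.get("cryptoClass") or "").partition("/")  # Note 1 form
    sub = e.get("cryptoSubClass") or inline_sub
    if cls not in SUBCLASSES:
        errs.append(f"cryptoClass: unknown or missing class {cls!r}")
    elif sub and sub not in SUBCLASSES[cls]:
        errs.append(f"cryptoSubClass: {sub!r} is not a subclass of {cls}")
    for r in _as_list(e.get("reference")) or [None]:  # cardinality [1..*]
        if not all(urlparse(str(r))[:2]):  # needs both a scheme and a host
            errs.append(f"reference: not a valid URL {r!r}")
    return errs
```

`validate_entry` returns an empty list for a conforming entry and one message per violated rule otherwise; it accepts the subclass either in cryptoSubClass or appended to cryptoClass after a "/", as Note 1 describes.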