Securing personal data: ENISA guidelines on cryptographic solutions

ENISA launched two reports . The “Algorithms, key size and parameters” report of 2014 is a reference document providing a set of guidelines to decision makers, in particular specialists designing and implementing cryptographic solutions for personal data protection within commercial organisations or governmental services for citizens. The “Study on cryptographic protocols” provides an implementation perspective, covering guidelines regarding protocols required to protect commercial online communications containing personal data.

“Algorithms, key size and parameters”

This report provides a set of proposals in an easy to use form, with a focus on commercial online services that collect, store and process the personal data of EU citizens. It provides an update of the 2013 cryptographic guidelines report on security measures required to protect personal data in online systems. Compared with the 2013 edition, the report has been extended to include a section on hardware and software side-channels, random number generation, and key life cycle management, while the part on protocols, for 2014 is extended and is a stand-alone study on cryptographic protocols.

read more

Source: ENISA

Related posts