I often see it claimed on a website that they use banking or military grade encryption. As of 2021, what kind of encryption do the majority of (Western) banks and militaries currently use? Or in other words, what kind of encryption would a web or native app need to implement in order to be able to truthfully make this claim in 2021?
-
4These are buzzwords. Military grade encryption isn't any more secure than what consumers use. – defalt Aug 16 '21 at 13:52
-
@defalt True, but that won't stop companies from using it because consumers won't stop putting stock in it. May as well make it as transparent as possible and be able to determine whether it's actually true or not on a case-by-case basis. – Hashim Aziz Aug 16 '21 at 14:19
-
2In reality "military grade security" as a buzzword without any more details very often indicates that the product was developed without a proper understanding of how to use cryptography in a secure way. Therefore when ever I read that a product provides military grade security I avoid this product or I start hacking it as it is usually easy to hack and gives you a lot to laugh. – Robert Aug 16 '21 at 20:50
2 Answers
It's a bogus claim. It can mean whatever someone wants it to mean. The claim never says, for example, which military and if the encryption is currently approved for any specific military.
NIST defines the list of approved encryption algorithms used by US military. Anything listed in NIST docs could be considered "military grade encryption".
what kind of encryption do the majority of (Western) banks and militaries currently use?
Whatever is cheapest and easiest to implement in the given context. There is no single answer to that, and there will be many instances of known-weak encryption used in some contexts because it is too expensive to replace, or there is a plan to replace it "later".
- 123,438
- 55
- 284
- 319
-
It's only a bogus claim if it's untrue, and there *is* a single, true answer to what kind of encryption the *majority* use. Based on these two premises, it seems entirely possible to make a true non-bogus claim about military- or banking-grade encryption given that the answer to the second premise is known. What I'm asking in this question is therefore what that answer to the second premise is currently in 2021, which your edit to my title ironically sums up pretty well. – Hashim Aziz Aug 16 '21 at 14:15
-
9True claims can be bogus. And that's the problem here. It's a completely undefined statement ***that can mean whatever someone wants it to mean***. So, I can use a Ceasar Cipher and claim it to be "military-grade encryption" since it was actually used by a powerful military. It becomes a meaningless statement ***even if true***. – schroeder Aug 16 '21 at 14:36
-
1And, as I already said, there is no answer to what the "majority" use, since no one entity just uses one thing. And they all use weak encryption, too. – schroeder Aug 16 '21 at 14:37
-
I'm getting the impression that ***you*** want to make this claim and are looking for a definition. Don't. Explain what standard you are compliant with, since that claim is not subjective. – schroeder Aug 16 '21 at 14:39
-
2Oh, by the way, I also answered your question directly. Whatever is the current standard in NIST is your answer. In case you missed that point. – schroeder Aug 16 '21 at 14:49
-
2Actually NIST doesn't itself set standards for US military, or more broadly national security systems (per FISMA); CNSS, supported by NSA and DISA, does -- although they do try to align with NIST where they can, partly to allow buying and using 'commercial' (and _not_ specifically 'military') products. FWTW. – dave_thompson_085 Aug 16 '21 at 23:35
-
@dave_thompson_085 I'm aware, and I know there are more subtleties and complexities in even what you said, but NIST provides that common benchmark. – schroeder Aug 17 '21 at 06:31
"military grade encryption" or banking typically means compliant with FIPS 140-2 Level 1 (a transition to FIPS 140-3 is in-progress) with certain extra restrictions. The extra restrictions are that SHA-1 hash algorithm is prohibited, and the Triple-DES encryption algorithm is prohibited. Typically the term requires AES-256 implementation as the crypto algorithm.
FIPS 140-2 requires that only select validated encryption, signatures and hashing are used. The software or hardware must be verified by NIST's "Cryptographic Module Validation Program". Suppliers of FIPS crypto software must submit the code & detailed documentation to NIST for validation, and then any user must show traceability to the verified implementation. This often means use of a signed binary module or library.
For example, Windows 10 Enterprise & Pro have this library: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606 GnuTLS is certified at FIPS 140-2 & 140-3. AWS and Google cloud services have FIPS 140-x certified support. As far as I know, it is not possible to operate a BSD UNIX system in a FIPS 140-2 certified mode without re-certification by NIST.
As far as actual encryption algorithms; AES and Triple-DES are the FIPS approved algorithms, and AES-256 is the most commonly used, and Triple-DES is considered less secure.
For digital signatures, DSA, RSA, and ECDSA are approved, and RSA at 2048 bits seems very common.
FIPS 140-2 includes SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256 hash functions; however SHA-1 is no longer considered secure. Many banks use SHA-256.
- 56
- 1