Caltech Cryptographic Standards (Hashing, Ciphers, Digital Signatures)
Aligned to NIST (FIPS 140-3, SP 800-131A, FIPS 180-4, FIPS 186-5, SP 800-38, FIPS 203–205 Post-Quantum Cryptography Standards, NIST IR 8547 Transition Guidance)
1. Purpose
Define approved cryptographic algorithms and minimum standards for hashing, encryption (ciphers), and digital signatures to ensure confidentiality, integrity, and authenticity of institutional data.
This standard also establishes a forward-looking cryptographic posture to address emerging risks associated with quantum computing.
2. Scope
Applies to:
- All Caltech systems, applications, research environments (including HPC), and cloud vendors
- Data classified as Internal, Confidential, Restricted, or regulated (HIPAA, FERPA, GLBA, ITAR, etc.)
3. Cryptographic Baseline Requirements
3.1 General Requirements
- Only NIST-approved algorithms and key sizes SHALL be used
- Minimum security strength: 128 bits for new systems
- All cryptographic implementations MUST use FIPS 140-validated modules (where applicable)
- Deprecated algorithms MUST NOT be used for new deployments
- Systems MUST be designed with cryptographic agility to enable future transition to NIST-approved post-quantum cryptographic standards
4. Hashing Standards
4.1 Approved Algorithms
- SHA-2 family: SHA-256, SHA-384, SHA-512
- SHA-3 family: SHA3-256, SHA3-384, SHA3-512
4.2 Deprecated / Prohibited
- SHA-1 (disallowed for digital signatures and deprecated overall)
- MD5 (not NIST-approved and MUST NOT be used)
4.3 Usage Requirements
- Minimum: SHA-256 or higher
- Hashes MUST provide:
  - Collision resistance
  - Preimage resistance
  - Second preimage resistance
4.4 Password Hashing
- PBKDF2 (NIST SP 800-132)
- bcrypt / Argon2 permitted under institutional exception policy
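One way to store PBKDF2 hashes so that the PRF and work factor can be raised later without a schema change, applying the cryptographic-agility requirement of 3.1 to password hashing. This is an added example, not part of the Caltech standard; the record format, the iteration count, and the SHA-1 verify-only exception set are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# PRFs allowed for new records, taken from the SHA-2 list in 4.1.
APPROVED_PRFS = {"sha256", "sha384", "sha512"}
# Assumption: PRFs accepted only to verify existing records under a documented
# exception (section 9); such records are always flagged for rehash.
LEGACY_VERIFY_ONLY = {"sha1"}
# Assumption: current targets. The standard itself sets no iteration count.
CURRENT_PRF, CURRENT_ITERATIONS, SALT_BYTES = "sha256", 600_000, 16

def hash_password(password, prf=CURRENT_PRF, iterations=CURRENT_ITERATIONS):
    """Return a self-describing record: pbkdf2$<prf>$<iterations>$<salt>$<dk>."""
    if prf not in APPROVED_PRFS:
        raise ValueError(f"PRF {prf!r} is not approved for new hashes")
    salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac(prf, password.encode(), salt, iterations)
    return f"pbkdf2${prf}${iterations}${salt.hex()}${dk.hex()}"

def parse_record(record):
    """Split a stored record into (prf, iterations, salt, derived_key)."""
    scheme, prf, iterations, salt, dk = record.split("$")
    if scheme != "pbkdf2":
        raise ValueError("unknown scheme")
    return prf, int(iterations), bytes.fromhex(salt), bytes.fromhex(dk)

def verify_password(password, record):
    """Return (ok, needs_rehash). Malformed or prohibited records never verify."""
    try:
        prf, iterations, salt, expected = parse_record(record)
    except ValueError:
        return False, False
    if prf not in APPROVED_PRFS | LEGACY_VERIFY_ONLY:
        return False, False  # e.g. md5: rejected outright
    if iterations < 1 or not expected:
        return False, False
    dk = hashlib.pbkdf2_hmac(prf, password.encode(), salt, iterations,
                             dklen=len(expected))
    ok = hmac.compare_digest(dk, expected)  # constant-time comparison
    stale = prf != CURRENT_PRF or iterations < CURRENT_ITERATIONS
    return ok, ok and stale
```

When `needs_rehash` is true after a successful login, the caller replaces the stored record with `hash_password(password)`, so old parameters age out without a bulk migration.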
5. Symmetric Encryption (Ciphers)
5.1 Approved Algorithms
- AES: AES-128, AES-192, AES-256
5.2 Approved Modes of Operation
- GCM (preferred)
- CBC, CTR (acceptable with appropriate protections)
5.3 Prohibited / Deprecated
- DES
- RC4
- AES-ECB
- Triple DES
5.4 Requirements
- Minimum key size: 128-bit
- AES-256 preferred for regulated or high-risk data
- Authenticated encryption REQUIRED (e.g., AES-GCM)
6. Asymmetric Cryptography & Digital Signatures
6.1 Approved Algorithms (FIPS 186-5)
- RSA (≥ 2048 bits)
- ECDSA (P-256, P-384, P-521)
- EdDSA (recommended for new implementations)
6.2 Deprecated
- DSA (only permitted for legacy verification)
6.3 Requirements
Digital signatures MUST provide:
- Integrity
- Authentication
- Non-repudiation
6.4 Key Size Baselines and Post-Quantum Readiness
- RSA: ≥ 2048 bits (≥ 3072 recommended for long-lived systems)
- ECC: ≥ 224-bit curve strength (P-256 or higher recommended)
All systems SHALL incorporate cryptographic agility to support migration to post-quantum cryptographic algorithms.
Given the diverse nature of Caltech environments, including legacy systems, research platforms, and HPC infrastructure, immediate adoption of PQC is not required. Systems MUST support incremental transition without requiring significant architectural redesign.
6.5 Post-Quantum Cryptography (PQC) Transition Strategy
NIST has published initial post-quantum cryptographic standards and continues to define transition guidance. Caltech SHALL adopt a phased transition approach aligned with these standards and federal timelines.
Phase 1 – Readiness and Planning
- Maintain cryptographic agility in all new systems
- Avoid hard-coded dependencies (e.g., RSA-only implementations)
- Evaluate exposure of long-lived and high-value data (e.g., research IP, ITAR, HIPAA)
Phase 2 – Hybrid Adoption
- Support hybrid cryptographic models combining classical and PQC algorithms as available
Phase 3 – Full Transition
- Transition to NIST-approved PQC algorithms as standards, vendor support, and federal mandates mature
Legacy systems and research environments may require extended timelines and SHALL be managed using a risk-based exception process.
7. Key Management Requirements
- Follow NIST SP 800-57
- Keys MUST be:
  - Generated using approved random number generators
  - Stored securely (e.g., HSM, KMS, Key Vault, or secure enclave)
  - Rotated based on sensitivity and usage (at least annually)
- Separate keys MUST be used for:
  - Encryption
  - Signing
  - Key derivation
8. Transport Security (TLS)
- Minimum: TLS 1.2
- Preferred: TLS 1.3
- Only NIST-approved cipher suites SHALL be used
- SSL, TLS 1.0, and TLS 1.1 are prohibited
9. Legacy & Transition Guidance
Caltech operates a diverse technology environment that includes legacy systems, research platforms, and specialized instrumentation. Cryptographic modernization SHALL follow a risk-based, phased approach, not immediate replacement.
Systems using deprecated algorithms MUST:
- Be remediated where feasible, or
- Have documented risk acceptance with compensating controls
Transition efforts MUST prioritize:
- Systems handling CUI, ITAR/EAR, or regulated data
- Systems storing long-lived or high-value research data
Caltech SHALL:
- Prefer modern algorithms (SHA-256+, AES-256, ECDSA/EdDSA)
- Ensure post-quantum readiness and transition planning for new systems
- Leverage vendor-supported PQC capabilities as they mature
Full migration to PQC will occur in alignment with:
- NIST standards maturity
- Vendor ecosystem readiness
- Federal compliance requirements
10. Compliance & Enforcement
Applies to:
- Internal systems
- Research computing environments
- Third-party cloud vendors
Exceptions require:
- Documented risk acceptance
- Security architecture review approval
11. References (NIST)
- FIPS 140-3 – Cryptographic Modules
- FIPS 180-4 – Secure Hash Standard
- FIPS 202 – SHA-3
- FIPS 186-5 – Digital Signature Standard
- FIPS 203 – Module-Lattice-Based Key-Encapsulation Mechanism Standard (ML-KEM)
- FIPS 204 – Module-Lattice-Based Digital Signature Standard (ML-DSA)
- FIPS 205 – Stateless Hash-Based Digital Signature Standard (SLH-DSA)
- SP 800-38 – Block Cipher Modes of Operation
- NIST SP 800-57 – Recommendation for Key Management
- SP 800-131A – Transitioning the Use of Cryptographic Algorithms and Key Lengths
- NIST SP 800-132 – Recommendation for Password-Based Key Derivation
- NIST IR 8547 – Transition to Post-Quantum Cryptography
- FIPS 203–205 – Post-Quantum Cryptography Standards
- NIST NCCoE SP 1800-38 – Migration to Post-Quantum Cryptography (Practice Guide)