This document provides a list of recommended ISO cryptographic algorithms for use within applicable ISO TC 68, Financial services, standards. It also provides strategic guidance on key lengths and associated parameters and usage dates.

This document focuses on core algorithms, key lengths and frequently used mechanisms. The included algorithms are considered to be fit for purpose for financial service use. For additional algorithms, see the body of standards produced by ISO/IEC JTC 1 SC 27, Information security, cybersecurity and privacy protection. For standards on key management, see ISO 11568.

The categories of algorithms covered are:

a)       block ciphers and modes of operation;

b)       stream ciphers;

c)        message authentication codes (MACs);

d)       authenticated encryption algorithms;

e)       format preserving encryption;

f)         hash functions;

g)       asymmetric algorithms:

1)       digital signature schemes giving message recovery;

2)       digital signatures with appendix;

3)       asymmetric ciphers.

h)       authentication mechanisms;

i)         key derivation, establishment and agreement mechanisms;

j)         key transport mechanisms:

1)       key wrapping.

This document does not define any cryptographic algorithms. However, the standards to which this document refers contain necessary implementation information as well as more detailed guidance regarding choice of security parameters, security analysis and other implementation considerations.