|
+CRY-01.01AC |
1. ÜbersichtCRY-01.01ACThe cloud service provider has defined and documented a Post-Quantum-Cryptography (PQC) strategy according to SP-01 to address threats posed by adversaries in possession of a quantum computer.The following Technical Guidelines (valid at the given time) provide recommendations and key lengths for state of the art cryptographic mechanisms: 1. BSI TR-02102-1 Cryptographic Mechanisms: Recommendations and Key Lengths; 2. BSI TR-02102-2 Cryptographic Mechanisms: Recommendations and Key Lengths – Use of Transport Layer Security (TLS); 3. BSI TR-02102-3 Cryptographic Mechanisms: Recommendations and Key Lengths – Use of Internet Protocol Security (IPSec) and Internet Key Exchange (IKEv2); and 4. BSI TR-02102-4 Cryptographic Mechanisms: Recommendations and Key Lengths – Use of Secure Shell (SSH). A change management process in the sense of the basic criterion can either be covered by the standard change management process described in DEV-03 or can be implemented as a separate process. Recommendations for the migration to PQC and future-proof use of cryptography are provided, for example, in: 1. The BSI guideline 'Quantum-safe cryptography – fundamentals, current developments and recommendations'; 2. The roadmap 'A Coordinated Implementation Roadmap for the Transition to Post-Quantum Cryptography' published by the European Commission; and 3. The preliminary drafts for the NIST publication 'NIST SP 1800-38: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography'.
1.1 Referenzen1.2 Identifizierte Anforderungen1.2 Related Regulation2. Identifizierte Anforderungen
3. Related Regulations
|