The purpose of this standard is to define the ITS requirements for the use of cryptographic functions.

Date of Effectiveness

To Be Determined

Standard Owner

Director, Information Security, Information Technology Services

Version

Version 0.5

Summary showing Section Headings

ID Section Headings Brief Description
CRP-GN General
CRP-HS Hardware and Software
CRP-CT Contingency
CRP-DC Digital Certificates
CRP-RN Random Number Generators
CRP-KM Key Management
CRP-KP Key Classification and Protection
CRP-KI Process and Key Inventory Documentation
CRP-KC Key Compromise
CRP-KR Key Recovery and Archiving
CRP-KG Key Generations
CRP-KD Key Distribution / Loading
CRP-KU Key Use
CRP-KS Physical Key Storage
CRP-KE Key Expiry / Retirement
CRP-DK Destruction of Key Materials and Associated Electronic Storage Media

Cryptography Standard Controls

Control ID | Control | Existing | Status | Public | Confidential | Restricted | Effort

CRP-GN General

CRP-GN-01 Cryptography in some form must be implemented in the following scenarios:

  • When required by a UofT policy or standard.
  • When non-repudiation is required.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-02 ISEA must be engaged for all work initiated after the effective date of this standard that requires cryptography in accordance with the Technology Delivery Framework (TDF).
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-03 ISEA must be consulted to determine physical security requirements for cryptographic implementations.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-04 Only UofT-approved cryptographic algorithms must be implemented and used. For the current list of approved algorithms, functions and their approved usage, refer to the UofT-Approved Cryptographic Algorithms and Usage table in the Cryptography Standard Supporting Document.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-05 When non-repudiation is required, transactions must be signed using a digital certificate and supporting infrastructure.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-06 Only salted password hashes must be used.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-07 When date and time synchronization is required for operation, cryptographic hardware devices, appliances, and software must be synchronized using a UofT-approved time synchronization service.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-08 Cryptographic systems must fail closed (i.e., access is denied if failure occurs).
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-09 If designing new cryptographic processes or changing existing processes, ISEA must be engaged and provided with the necessary information as required by the IRRM (Threat Risk Assessment) process.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-10 When required, key escrow methodologies must be fully documented prior to production implementation of cryptographic systems.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-GN-11 On an ongoing basis, information related to cryptographic weaknesses and attacks must be analyzed and recommendations must be presented to Business and Technology Leaders.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-HS Hardware and Software

CRP-HS-01 Hardware encryption must be used for PIN-based processing and when business requirements exist for keys to be held under split knowledge and dual control.
  Existing: FALSE | Status: Deferred | Public: N/A | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-02 Other implementations of cryptography are candidates for software encryption only when they meet all of the following criteria:

  • Cryptography is only used to provide confidentiality and integrity against unrelated third parties.
  • The risk of any individual who is in sole possession of a key being coerced or becoming corrupt is considered acceptable.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-03 All principal parties agree to rely upon and trust the cryptographic implementation.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-04 Hardware cryptographic devices must be certified to Security Level 3 or 4, as defined in the FIPS publication 140-2 on Security Requirements for Cryptographic Modules.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-05 Hardware security modules and any other type of cryptographic hardware such as smartcards must not be shared between production and non-production environments simultaneously.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-06 A process must be established to ensure that hardware cryptographic devices intended for production use at any point in their life cycle are:

  • Inspected for identification and evidence of tampering upon receipt.
  • Continuously managed using a chain of custody.
  • Inspected for identification and evidence of tampering prior to the loading of any production keys.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-HS-07 When transferring cryptographic hardware between production and non-production environments, the devices must first be reviewed by ISEA and returned to a factory default state (zeroized).
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-CT Contingency

CRP-CT-01 Documented contingency requirements must be developed for all cryptographic implementations.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-DC Digital Certificates

CRP-DC-01 Digital certificates used by UofT must be X.509 version 3 certificates issued (signed) by a UofT-approved Certificate Authority (CA).
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DC-02 Digital certificates rely on asymmetric cryptography requiring a public and private key. Private keys used by UofT must meet the requirements of this standard.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DC-03 Self-signed digital certificates other than the UofT root certificate must only be used in non-production environments.
  Existing: TRUE | Status: Approved | Public: Not Applicable | Confidential: Not Applicable | Restricted: Not Applicable | Effort: TBD

CRP-DC-04 The lifespan of a client certificate must not exceed two years.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DC-05 All digital certificates must be revocable.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DC-06 The lifespan of a root/server authority certificate must not exceed twenty-five years.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-RN Random Number Generators

CRP-RN-01 ISEA must review all implementations of software and hardware random number generators initiated after the effective date of this standard prior to implementation.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-RN-02 Only approved random number generator mechanisms must be used, as described in the NIST publication SP 800-90 on Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised) (see UofT-Approved Cryptographic Algorithms and Usage Table – UofT-Approved Random Number Generators in the Cryptography Standard Supporting Document).
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KM Key Management

CRP-KM-01 Prior to any new cryptography implementation, the key life cycle phases during which keys must be managed must be identified and documented. The full life cycle comprises the following phases:

  • Key Generation.
  • Key Distribution/Loading.
  • Key Use.
  • Key Storage/Archiving.
  • Key Retirement/Expiry.
  • Key Destruction.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KP Key Classification and Protection

CRP-KP-01 All secret or private cryptographic keys and all key components must be assigned an information classification of Restricted for confidentiality and High for integrity.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KP-02 Cryptographic key custodians must never disclose the key or key component to anyone, not even to a Manager or Auditor.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KI Process and Key Inventory Documentation

CRP-KI-01 Key management processes for all hard and soft keys must be developed and maintained for all steps of the key management life cycle.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KI-02 All processes must prevent key substitution.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KI-03 The following details for each production key must be recorded in an inventory if not already recorded by an automated system:

  • Key name and purpose/usage.
  • Key type.
  • Date the key was generated.
  • Number of components (if applicable).
  • Storage locations.
  • Key custodian sign-off form (if applicable).
  • A record of all key custodians since the key was generated and the dates the custodian changed (if applicable).
  • Dates the keys were accessed for key management activities and the reason for the access (if applicable).
  • Date the key was destroyed and proof of destruction (if applicable).
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KI-04 A process must be implemented to ensure the key inventory is updated.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KI-05 Inventory information must be retained for the period specified by the business in accordance with the Record Retention Policy or for the entire lifespan of the key, whichever is greater.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KI-06 Where responsibility for the individual key or keys resides with a third party service provider, the key management inventory must either be owned by UofT or available for UofT review upon notification.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KC Key Compromise

CRP-KC-01 Suspected or confirmed compromise of a key must immediately be reported to the Coordinated Information Security Response Team (CISRT).
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KR Key Recovery and Archiving

CRP-KR-01 All keys must be retained until all the information signed or encrypted by them is no longer required in accordance with the Record Retention Policy.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KR-02 Recovery of encrypted information must adhere to the principles of dual control and split knowledge, with full accountability and auditability.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KR-03 Recovered keys must be handled in the same manner as when they were active production keys, including all physical and logical controls.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KG Key Generation

CRP-KG-01 ISEA must review all key generation processes developed after the effective date of this standard prior to implementation.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-02 The life span and expiration date of every key must be determined prior to implementation.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-03 All key encryption keys or cryptographic algorithms used to transmit or convey other cryptographic keys must be at least as strong as the key transmitted or conveyed.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-04 Whenever keys are generated, checks must be performed to avoid keys that are obvious or that have known weaknesses.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-05 All hard keys and non-zero initialization vectors (IVs) must be generated within approved cryptographic hardware.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-06 Keys, key components, and non-zero IVs must be randomly generated.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-07 The key custodian of a particular key component must never be appointed custodian of any other component of the same whole key, throughout the entire life cycle of that key.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-08 A secret key, private key, or key component generation process must be initiated by the possessor/custodian of the key or key component upon the request of the owner of the key.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-09 Two or more full-length key components must be XOR’d together to produce all hard keys.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KG-10 Any computing devices used in conjunction with a hardware security module (HSM) to generate a secret key, private key, IV, or key component must:

  • Not be connected to a network while in use.
  • Be stored under dual control when not in use.
  • Be inspected for signs of tampering before being used.
  • Be powered down completely after use.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KD Key Distribution/Loading

CRP-KD-01 Usage of key loading hardware must be reviewed by ISEA prior to implementation.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KD-02 All hard keys must be distributed, transported, and entered, either as plaintext key parts held under dual control and split knowledge, or as key cryptograms.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KD-03 Key loading hardware must be managed under dual control.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KD-04 Hardware security modules used for key transport must be held under dual control.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KD-05 Any single unencrypted key component must at all times during its physical transport be under the continuous supervision of a person with authorized access to the component and either locked in a security container (including tamper-evident packaging) or stored in a hardware security module.
  Existing: FALSE | Status: Proposed | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KD-06 Secret or private keys must be transferred by either physically forwarding the key in at least two separate full-length components (hard copy, smart card, HSM) using different communication channels or transmitting the key as ciphertext.
  Existing: TRUE | Status: Approved | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KU Key Use

CRP-KU-01 A key must be used for only one purpose and adhere to the following:

  • A public key must only be used for encryption or for verifying digital signatures, but not for both.
  • A private key must only be used for decryption or for creating digital signatures, but not for both.
  • A symmetric key must only be used for encryption or authentication, but not for both.
  • A symmetric key used to encrypt keys must not be used to encrypt other types of data.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Recommended | Restricted: Required | Effort: TBD

CRP-KU-02 Keys must never be shared or moved between production and non-production systems or environments.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KU-03 The integrity of a public key must be cryptographically protected using a digital signature when it is located in a publicly accessible location (e.g., Internet Web server).
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KU-04 A private key must be stored as a cryptogram.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KS Physical Key Storage

CRP-KS-01 Storage mechanisms used for keys or key components must be tamper-resistant, tamper-evident, and access must be restricted to authorized personnel.
  Existing: FALSE | Status: In Progress | Public: Recommended | Confidential: Recommended | Restricted: Required | Effort: TBD

CRP-KS-02 If the key or key component is stored on a token and a secret code is used to access the token, only that token’s custodians must ever have possession of both the token and the knowledge of its corresponding secret code.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KS-03 When keying material requiring dual control is added to or removed from a physical storage facility, access must be specifically authorized, physically or logically restrained, and fully auditable. Audit logs must include:

  • The name of the individual authorizing the addition or removal of the keying material.
  • The date and time of the addition, return, or removal of the keying material.
  • The reason for accessing the keying material.
  • The full names and signatures of the individuals accessing the keying material.
  • The full names and signatures of the individuals providing access to the central physical storage facility.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KS-04 All hard keys, when not confined to a hardware security module, must be stored as plaintext components held under dual control and split knowledge, or as cryptograms, using a dedicated key.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-KE Key Expiry/Retirement

CRP-KE-01 A key must be replaced on or before its stipulated active life expiry.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-KE-02 A key’s active life expiry must be determined during the Planning phase in consultation with ISEA unless predetermined in the Specified Key Cryptoperiods table in the UofT Cryptography Supporting Document.
  Existing: FALSE | Status: Proposed | Public: Required | Confidential: Required | Restricted: Required | Effort: TBD
CRP-DK Destruction of Key Materials and Associated Electronic Storage Media

CRP-DK-01 All keys, key components, and/or the media on which they are stored must be destroyed when no longer required, in accordance with the requirements of the Information Classification and Protection Standard.
  Existing: TRUE | Status: Approved | Public: Recommended | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DK-02 Physical key material destruction must be witnessed with full accountability and the appropriate records retained for audit purposes.
  Existing: FALSE | Status: Proposed | Public: Recommended | Confidential: Recommended | Restricted: Required | Effort: TBD

CRP-DK-03 When a hardware security module is taken out of service, it must be returned to the factory default settings. If the factory default settings cannot be determined, then it must be destroyed in accordance with the requirements in the Information Classification and Protection Standard.
  Existing: TRUE | Status: Approved | Public: Not Applicable | Confidential: Required | Restricted: Required | Effort: TBD

CRP-DK-04 A log must be created for each key destruction, including:

  • The date and the time of the keying material destruction.
  • The reason for destroying the keying material.
  • The full name and signature of the owner providing authority for the destruction.
  • The full name and signature of the individual destroying the keying material.
  • The full name and signature of the non-custodial individual witnessing the destruction of the keying material.
  Existing: FALSE | Status: Proposed | Public: Recommended | Confidential: Recommended | Restricted: Required | Effort: TBD
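The following is an added illustration of the split-knowledge controls in the table (CRP-KG-09: hard keys are produced by XOR-ing two or more full-length components; CRP-KG-06: components are randomly generated; CRP-KI-02: processes must prevent key substitution). It is example code written for this page, not part of the standard or of any UofT tooling, and it assumes a 32-byte key and a simplified check value (the first 3 bytes of SHA-256 over the key) in place of the algorithm-specific key check value an HSM would compute.

```python
import hashlib
import secrets
from functools import reduce
from typing import List

KEY_LEN = 32  # constructed example: a 256-bit hard key


def generate_components(n: int, key_len: int = KEY_LEN) -> List[bytes]:
    """Generate n independent, full-length random key components.

    Each component comes from the OS CSPRNG (secrets), so every component
    is individually uniform, as CRP-KG-06 requires.
    """
    if n < 2:
        raise ValueError("split knowledge needs at least two components")
    return [secrets.token_bytes(key_len) for _ in range(n)]


def combine_components(components: List[bytes]) -> bytes:
    """XOR two or more full-length components into the whole key (CRP-KG-09).

    Rejects fewer than two components or components of unequal length, so a
    truncated or substituted part cannot silently yield a short key.
    """
    if len(components) < 2:
        raise ValueError("at least two components are required")
    if len({len(c) for c in components}) != 1:
        raise ValueError("all components must be full length")
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*components))


def complete_component(known: List[bytes], target_key: bytes) -> bytes:
    """Return the single component that would combine `known` into `target_key`.

    This is the split-knowledge argument in code: for any candidate key there
    is a missing component consistent with it, so a custodian holding all but
    one component learns nothing about the whole key.
    """
    partial = known[0] if len(known) == 1 else combine_components(known)
    if len(partial) != len(target_key):
        raise ValueError("length mismatch")
    return bytes(p ^ t for p, t in zip(partial, target_key))


def check_value(key: bytes) -> str:
    """Simplified key check value: first 3 bytes of SHA-256(key), as hex.

    Assumption for this example only; it stands in for the algorithm-specific
    KCV an HSM computes. Custodians compare it after loading to detect a
    mis-entered or substituted component (CRP-KI-02) without seeing the key.
    """
    return hashlib.sha256(key).hexdigest()[:6]


if __name__ == "__main__":
    parts = generate_components(3)
    key = combine_components(parts)
    print("check value of assembled key:", check_value(key))
    # Two of three custodians together cannot tell the real key from any
    # other value: a third component exists for every candidate.
    candidate = bytes(KEY_LEN)
    third = complete_component(parts[:2], candidate)
    print(combine_components(parts[:2] + [third]) == candidate)
```

Each custodian would generate and hold one component (CRP-KG-07 keeps one person from holding two); only the HSM that receives all of them ever sees the assembled key, and the check value is the one artifact that may be written into the key inventory.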
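A second added example, again not from the standard, shows what CRP-GN-06 (only salted password hashes) and CRP-GN-08 (cryptographic systems fail closed) look like in application code. The choice of PBKDF2-HMAC-SHA256, the 16-byte salt, the iteration count and the record format are assumptions for this example, not requirements of the standard; the approved algorithm list lives in the Cryptography Standard Supporting Document.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

# Assumptions for this example (not values from the standard).
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_LEN = 16


def unsalted_hash(password: str) -> str:
    """What CRP-GN-06 rules out: a bare hash that is identical for every
    account sharing the same password, so one cracked hash reveals them all."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Salted, iterated hash stored as a self-describing record:
    scheme$iterations$base64(salt)$base64(digest)."""
    if salt is None:
        salt = secrets.token_bytes(SALT_LEN)  # fresh random salt per record
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        ALGORITHM,
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])


def verify_password(password: str, stored: str) -> bool:
    """Check a password against a stored record, failing closed (CRP-GN-08).

    A malformed record, unknown scheme, bad base64, zero iteration count or
    any other error returns False instead of raising, so the only path to
    access is a positive, constant-time match of the recomputed digest.
    """
    try:
        scheme, iterations, salt_b64, digest_b64 = stored.split("$")
        if scheme != ALGORITHM:
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
        return hmac.compare_digest(actual, expected)
    except Exception:
        return False


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("wrong password", record))                # False
    print(verify_password("correct horse battery staple", "not$a$record"))  # False, fails closed
```

Because the salt is stored in the record, the same password hashed twice produces two different records, and a corrupted or truncated record denies access rather than crashing the login path.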