ISO 27001:2022 A 8.24 Use of cryptography

Cryptography is a science that applies complex mathematics and logic to design strong encryption methods. Achieving strong encryption, the hiding of data’s meaning also requires intuitive leaps that allow the creative application of known or new methods. So cryptography is also an art. Cryptography is used in information security to protect information from unauthorized or accidental disclosure while the information is in transit (either electronically or physically) and while information is in storage. It is the practice of hiding information so that unauthorized persons can’t read it. The literal meaning for cryptography is “hidden writing”: how to make what you write obscure, unintelligible to everyone except whom you want to communicate with. When information is transmitted between networks, and devices, cyber attackers may use various techniques to steal sensitive information during transit, tamper with the content of the information, impersonate the sender/recipient to gain unauthorized access to information or intercept the transfer of information. For example, cyber criminals may use the man-in-the-middle (MITM) attack technique, intercept the transmission of data and impersonate the server to persuade the sender to disclose his/her login credentials to the false server. They can then use these credentials to gain access to systems and compromise sensitive information.The use of cryptography such as encryption can be effective to protect the confidentiality, integrity, and availability of information assets when they are in transit. Furthermore, cryptographic techniques can also maintain the security of information assets when they are at rest. This Control addresses how organisations can establish and implement rules and procedures for the use of cryptography.

Cryptography can be used to achieve several goals for information security, including confidentiality, integrity, and authentication.

  •  Confidentiality: First, cryptography protects the confidentiality (or secrecy) of information. Even when the transmission or storage medium has been compromised, the encrypted information is practically useless to unauthorized persons without the proper keys for decryption.
  •  Integrity: Cryptography can also be used to ensure integrity (or accuracy) of information through the use of hashing algorithms and message digests.
  • Authentication: Finally, cryptography can be used for authentication (and non-repudiation) services through digital signatures, digital certificates, or a Public Key Infrastructure (PKI).

The core principles of information security are confidentiality, integrity, authentication and non-repudiation.

  1. Authentication
    Authentication is any process by which you verify that someone is who he claims he is. This usually involves a username and a password but can include any other method of demonstrating identities, such as a smart card, retina scan, voice recognition, or fingerprints.
  2. Confidentiality
    Confidentiality means that only people with the right permission can access and use information. It also means protecting it from unauthorized access at all stages of its life cycle. Confidentiality is necessary (but not sufficient) for maintaining the privacy of the people whose personal information a system holds. Encryption is one way to make sure that information remains confidential while it’s stored and transmitted. Encryption converts information into code that makes it unreadable. Only people authorized to view the information can decode and use it.
  3. Integrity
    Integrity means that information systems and their data are accurate. Integrity ensures that changes can’t be made to data without appropriate permission. If a system has integrity, it means that the data in the system is moved and processed in predictable ways. The data doesn’t change when it’s processed.
  4. Non-repudiation
    Non repudiation means to ensure that a transferred message has been sent and received by the parties claiming to have sent and received the message. Non repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
  5. Availability
    Availability is the security goal of making sure information systems are reliable. It makes sure data is accessible. It also helps to ensure that individuals with proper permission can use systems and retrieve data in a dependable and timely manner..


Public key encryption refers to a type of cipher architecture known as public-key cryptography that utilizes two keys, or a key pair, to encrypt and decrypt data. One of the two keys is a public key, which anyone can use to encrypt a message for the owner of that key. The encrypted message is sent and the recipient uses the private key to decrypt it. Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometimes called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption). The latest research focus is on the cryptographic primitive named Signcryption. This represents the combination of the digital signature and the public key encryption in a single logical step. The most important advantage of this new method is the cost which is less than the sum for the cost of digital signature and the cost for encryption. This new encryption schema has been invented by Yuliang Zheng. Public key cryptography is used to solve various problems that symmetric key algorithms cannot. In particular, it can be used to provide privacy and non-repudiation. Privacy is usually provided through key distribution and a symmetric key cipher. This is known as hybrid encryption. Nonrepudiation is usually provided through digital signatures and a hash function.


Rules for the effective use of cryptography, including cryptographic key management, should be defined and implemented.


To ensure proper and effective use of cryptography to protect the confidentiality, authenticity or integrity of information according to business and information security requirements, and taking into consideration legal, statutory, regulatory and contractual requirements related to cryptography.

ISO 27002 Implementation Guidance


When using cryptography, the following should be considered:
a) the topic-specific policy on cryptography defined by the organization, including the general principles for the protection of information. A topic-specific policy on the use of cryptography is necessary to maximize the benefits and minimize the risks of using cryptographic techniques and to avoid inappropriate or incorrect use;
b) identifying the required level of protection and the classification of the information and consequently establishing the type, strength and quality of the cryptographic algorithms required;
c) the use of cryptography for protection of information held on mobile user endpoint devices or storage media and transmitted over networks to such devices or storage media;
d) the approach to key management, including methods to deal with the generation and protection of cryptographic keys and the recovery of encrypted information in the case of lost, compromised or damaged keys;
e) roles and responsibilities for:

  1. the implementation of the rules for the effective use of cryptography;
  2. the key management, including key generation;

f) the standards to be adopted, as well as cryptographic algorithms, cipher strength, cryptographic solutions and usage practices that are approved or required for use in the organization;
g) the impact of using encrypted information on controls that rely on content inspection (e.g. malware detection or content filtering).
When implementing the organization’s rules for effective use of cryptography, the regulations and national restrictions that can apply to the use of cryptographic techniques in different parts of the world should be taken into consideration as well as the issues of trans-border flow of encrypted information.
The contents of service level agreements or contracts with external suppliers of cryptographic services (e.g. with a certification authority) should cover issues of liability, reliability of services and response times for the provision of services .

Key management

Appropriate key management requires secure processes for generating, storing, archiving, retrieving, distributing, retiring and destroying cryptographic keys. A key management system should be based on an agreed set of standards, procedures and secure methods for:
a) generating keys for different cryptographic systems and different applications;
b) issuing and obtaining public key certificates;
c) distributing keys to intended entities, including how to activate keys when received;
d) storing keys, including how authorized users obtain access to keys;
e) changing or updating keys including rules on when to change keys and how this will be done;
f) dealing with compromised keys;
g) revoking keys including how to withdraw or deactivate keys [e.g. when keys have been compromised or when a user leaves an organization (in which case keys should also be archived)];
h) recovering keys that are lost or corrupted;
i) backing up or archiving keys;
j) destroying keys;
k) logging and auditing of key management related activities;
l) setting activation and deactivation dates for keys so that the keys can only be used for the period of time according to the organization’s rules on key management;
m) handling legal requests for access to cryptographic keys (e.g. encrypted information can be required to be made available in an unencrypted form as evidence in a court case).
All cryptographic keys should be protected against modification and loss. In addition, secret and private keys need protection against unauthorized use as well as disclosure. Equipment used to generate, store and archive keys should be physically protected. In addition to integrity, for many use cases, the authenticity of public keys should also be considered.

Other information

The authenticity of public keys is usually addressed by public key management processes using certificate authorities and public key certificates, but it is also possible to address it by using technologies such as applying manual processes for small number keys. Cryptography can be used to achieve different information security objectives, for example:
a) confidentiality: using encryption of information to protect sensitive or critical information, either stored or transmitted;
b) integrity or authenticity: using digital signatures or message authentication codes to verify the authenticity or integrity of stored or transmitted sensitive or critical information. Using algorithms for the purpose of file integrity checking;
c) non-repudiation: using cryptographic techniques to provide evidence of the occurrence or non- occurrence of an event or action;
d) authentication: using cryptographic techniques to authenticate users and other system entities requesting access to or transacting with system users, entities and resources.

When developing a cryptographic policy the following should be considered:

  1. the management approach towards the use of cryptographic controls across the organization, including the general principles under which business information should be protected;
  2. based on a risk assessment. the required level of protection should be identified taking into account the type. strength and quality of the encryption algorithm required
  3. the use of encryption for the protection of information transported by mobile or removable media devices or across communication lines;
  4. the approach to key management, including methods to deal with the protection of cryptographic keys and the recovery of encrypted information in the case of lost, compromised or damaged keys;
  5. roles and responsibilities, e.g. who is responsible for:
    1. the implementation of the policy
    2. the key management, including key generation
  6. the standards to be adopted for effective implementation throughout the organization (which the solution is used for which business processes);
  7. the impact of using encrypted information on controls that rely upon content inspection (e.g. malware detection).

When implementing the organization’s cryptographic policy. consideration should be given to the regulations and national restrictions that might apply to the use of cryptographic techniques in different parts of the world and to the issues of the trans-border flow of encrypted information. Cryptographic controls can be used to achieve different information security objectives, e.g.:
a) confidentiality: using encryption of information to protect sensitive or critical information, either stored or transmitted;
b) integrity/authenticity: using digital signatures or message authentication codes to verify the authenticity or integrity of stored or transmitted sensitive or critical information;
c) non-repudiation: using cryptographic techniques to provide evidence of the occurrence or non- occurrence of an event or action;
d) authentication: using cryptographic techniques to authenticate users and other system entities requesting access to or transacting with system users, entities and resources.
Making a decision as to whether a cryptographic solution is appropriate should be seen as part of the wider process of risk assessment and selection of controls. This assessment can then be used to determine whether a cryptographic control is appropriate, what type of control should be applied and for what purpose and business processes.A policy on the use of cryptographic controls is necessary to maximize the benefits and minimize the risks of using cryptographic techniques and to avoid inappropriate or incorrect use. Specialist advice should be sought in selecting appropriate cryptographic controls to meet the information security policy objectives.

In order to implement encryption effectively throughout the organization, start by developing a strategy that incorporates risk management, compliance requirements, data protection, policies, and standards.

  1. Develop Requirement
    1. Asset Management:  discusses the need to identify and categorize/classify all your information assets. Understanding/knowing where confidential information resides (ex. SSNs, PII) is a critical component in establishing an encryption strategy.
    2. Access Control: addresses the need to ensure authorized access to information resources. Confidential information needs to be protected throughout its lifecycle (access, process, transmit, store).
    3. Compliance: provides information in relation to various legal and information security requirements that stipulate the need to protect specific types of information. These types of requirements (ex. PCI DSS, HIPAA) discuss the need to encrypt specific types of data (cardholder data, electronically protected health information)
    4. Risk Management: emphasizes the importance of analyzing risks to information. Risk treatment activities may include deploying encryption solutions to protect confidential information.
    5. Information Security Policies: stresses that policies provide the direction organizational leadership wants to take in regards to information security goals and objectives. In order to develop an organizational strategy for encryption that will be widely supported and adopted, it’s necessary to gain the support of organizational leadership.
  2. Seek to protect data at rest and in motion using Full Disk Encryption (FDE) solutions and transport layer encryption protocols.
  3. Ensure that your encryption keys are sufficiently strong and well protected using professional and open-source vetted encryption products.
  4. Use encryption algorithms that are up-to-date and strong. AES 256-bit encryption is the gold standard for FDE. TLS 1.2 is the current gold standard for transport layer security.
  5. Provide a means for organizational staff to process confidential data while it is encrypted. Ensure secure data transfer environments in internal and external communication channels.
  6. Protect encryption keys by using long, complex passwords with proper access rights to the keys. Maintain audit logs of access to encryption keys.
  7. Develop a key management process that automates the process of verifying identity and access rights. Active Directory ensures that only active organizational users can access and authenticate secure resources.

It lists requirements that organisations should adhere to when using cryptographic techniques:

  1. Organisations should create and maintain a topic-specific policy on the use of cryptography. This policy is essential for maximizing the benefits of cryptographic techniques and it reduces the risks that may arise from the use of cryptography. It is also noted that this policy should cover general principles governing the protection of information.
  2. Organisations should consider the level of sensitivity of the information assets and the information classification level assigned to them when they decide on the type, strength, and quality of the encryption algorithm.
  3. Organisations should implement cryptographic techniques when information is transferred to mobile devices or to storage media equipment or when information is stored on these devices.
  4. Organisations should address issues related to key management, including the creation and protection of cryptographic keys and the recovery plan for encrypted data in the event that keys are lost or compromised.
  5. Organisations should set out the roles and responsibilities for the following:
    • Establishment and implementation of the rules on how the cryptographic techniques will be used.
    • How keys will be handled, including how they will be generated.
  6. The adoption and approval of standards across the organisation for the cryptographic algorithms, cipher strength, and usage practices for cryptography.
  7. Organisation should address how encrypted information may interfere with the controls that entail the content inspection such as malware detection.

Furthermore, organisations should take into account laws and requirements that may restrict the use of cryptography, including the cross-border transfer of encrypted information and address liability and continuity of services when they enter into service agreements with third parties for the provision of cryptographic services.

Encryption is often a computationally-intensive process and may degrade the performance of IT applications or infrastructure if not implemented in an optimal way. Be sure to calculate the performance requirements of enterprise services and end-users before implementing encryption methods. Develop an implementation strategy, gather requirements, complete test plans, deploy the following best practices of products, and effectively manage ongoing encryption solutions.When considering cryptographic controls it is often helpful to first consider your organization’s data. This data exists in one of three states: at rest, in transit, or undergoing processing. Data are particularly vulnerable to unauthorized access when in transit or at rest. Portable computers (storing data at rest) are a common target for physical theft, while attackers may intercept data in transit over a network through man-in-the-middle attacks or packet capturing and analysis. Unauthorized access may also occur while data processes, but here security systems may rely on the processing application to control and report on such access attempts. When used appropriately, encryption is a powerful tool to prevent unauthorized access to data.

Key Management

The processes underlying all widely accepted ciphers are and should be known, allowing extensive testing by all interested parties: not just the originating cryptographer. We tend to test our expectations of how our software development creations should work instead of looking for ways they deviate from expected behaviour. Our peers do not usually approach our work in that way. Consequently, allowing a large number of people to try to break an encryption algorithm is always a good idea. A secret, proprietary ciphers are suspect. A good encryption solution follows Auguste Kerckhoffs’ principle:

Managing keys requires three considerations:

  1. Where will you store them?
  2. How will you ensure they are protected but available when needed?
  3. What key strength is adequate for the data protected?

1. Key Storage

Many organizations store key files on the same system, and often the same drive, as the encrypted database or files. While this might seem like a good idea if your key is encrypted, it is bad security. What happens if the system fails and the key is not recoverable? Having usable backups helps, but backup restores do not always work as planned. Regardless of where you keep your key, encrypt it. Of course, now you have to decide where to store the encryption key for the encrypted encryption key. None of this confusion is necessary if you store all keys in a secure, central location. Further, do not rely solely on backups. Consider storing keys in escrow, allowing access by a limited number of employees (“key escrow,” ). Escrow storage can be a safe deposit box, a trusted third party, etc. Under no circumstances allow any one employee to privately encrypt your keys.

2. Key Protection

Encrypted keys protecting encrypted production data cannot be locked away and only brought out by trusted employees as needed. Rather, keep the keys available but safe. Key access security is, at its most basic level, a function of the strength of your authentication methods. Regardless of how well protected your keys are when not used, authenticated users (including applications) must gain access. Ensure identity verification is strong and aggressively enforce separation of duties, least privilege, and need-to-know.

3. Key Strength

Most, if not all, attacks against your encryption will try to acquire one or more of your keys. Use of weak keys or untested/questionable ciphers might achieve compliance, but it provides your organization, its customers, and its investors with a false sense of security. So what is considered a strong key for a cipher like AES? AES can use 128-, 192-, or 256-bit keys. 128-bit keys are strong enough for most business data if you make them as random as possible. The key strength is measured by key size and an attacker’s ability to step through possible combinations until the right key is found. However, you choose your keys, ensure you get as close as possible to a key selection process in which all bit combinations are equally likely to appear in the keyspace (all possible keys).

Key Sharing and Digital Signatures

It is obvious from the sections on keys and algorithms that secrecy of the key is critical to the success of any encryption solution. However, it is often necessary to share encrypted information with outside organizations or individuals. For them to decrypt the ciphertext, they need our key. Transferring a symmetric cipher key is problematic. We have to make sure all recipients have the key and properly secure it. Further, if the key is compromised in some way, it must be quickly retired from use by anyone who has it. Finally, the distribution of the key must be secure.

When to Encrypt

  1. Encrypt data that moves: Data moving from one trust zone to another, whether within your organization or between you and an external network, is at high risk of interception. Encrypt it. Data moving from trusted portions of the network to end-user devices over wireless LANs almost always at high risk. Encrypt it.
  2. Encrypt for separation of duties when access controls are not granular enough: For flat file storage, encrypting a spreadsheet file in a department share provides an additional layer of separation. Only employees with the right authorization have access. Application access controls protecting databases often do not provide granular control to strictly enforce need-to-know or least privilege. Using database solutions with the field- and row-level encryption capabilities can help strengthen weak application-level access controls.
  3. Encrypt when someone tells you to: And then there are local, state, and federal regulations. Couple regulatory constraints with auditor insistence and you often find yourself encrypting because you have to. This type of encryption is often based on generalizations instead of the existing security context. For example, just because you encrypt protected health information does not mean it is secure enough… but it satisfies HIPAA requirements.
  4. Encrypt when it is a reasonable and appropriate method of reducing risk in a given situation: This law is actually a summary of the previous three. After performing a risk assessment, if you believe the risk is too high because existing controls do not adequately protect sensitive information, encrypt. This applies to risk from attacks or non-compliance.

How to Encrypt

Implementing secure and operationally efficient encryption solutions is not easy, and maintaining them adds to the total cost of ownership (TCO). Further, data is often spread between internal and cloud-based storage. Any solution you select must support all current and future data storage and transport characteristics. One approach is to purchase a system, install it in your data center, and assign in-house staff to manage it. While this might seem like a good idea, the opportunity costs are high. As with most commodity security controls, encryption solutions can be managed by anyone; they do not require the special knowledge of the business possessed by you or other members of the internal security and LAN teams. Your skills are better applied to projects, assessments, and other business-critical activities. Consequently, consider outsourcing encryption and key management. Encryption-as-a-Service (EaaS) vendors provide all the services and protection we discussed, including key management and encryption according to business policy. In addition to encrypting the data center, they can also serve as a third-party that ensures all data housed by your other cloud service providers are managed by encryption policies as if it were in your own data center. The EaaS provider does not house your data, only your keys. Your in-house administrator, via a Web interface, performs configuration of encryption policies and subject access. Software as a service (SaaS) or storage as service providers has no access to data while at rest. Finally, the “cloud” can also mean your own data center. Whether in-house or outsourced, make sure your centralized encryption solution meets the following requirements:

  • Enforcement of your data encryption policies across all relevant data, wherever it is in your network or in the cloud
  • Granular access to policy and key management functions based on the separation of duties and least privilege
  • Publicly known, tested, and unbroken ciphers used for all encryption

Back to Home Page

If you need assistance or have any doubt and need to ask any questions contact me at You can also contribute to this discussion and I shall be happy to publish them. Your comments and suggestion are also welcome.

Leave a Reply