Module 02 · Lesson 08

Crypto protocols: safe vs broken

Which algorithms are safe, which are broken, and how to evaluate what your organization is using.

Algorithm Scorecard

The status of every algorithm that matters

Algorithm    | Type       | Status | Notes
AES-256-GCM  | Symmetric  | Safe   | Gold standard. Encryption + authentication (AEAD).
ChaCha20     | Symmetric  | Safe   | TLS alternative to AES. Faster on mobile without AES-NI.
Ed25519      | Asymmetric | Safe   | SSH keys, code signing. Fast, deterministic.
ECDSA P-256  | Asymmetric | Safe   | Modern TLS cert default. Small key size.
RSA-2048     | Asymmetric | OK     | Minimum acceptable. Migrate to ECDSA.
SHA-256      | Hash       | Safe   | Current hashing standard.
3DES         | Symmetric  | Dead   | Sweet32. NIST deprecated 2023.
RC4          | Stream     | Dead   | Banned in TLS (RFC 7465).
MD5          | Hash       | Dead   | Collisions since 2004.
SHA-1        | Hash       | Dead   | SHAttered 2017. Deprecated.

TLS Versions

Version matters enormously

Version     | Status | Action
SSL 2.0/3.0 | Broken | Disable immediately. POODLE, trivially exploitable.
TLS 1.0     | Dead   | BEAST. PCI banned 2018. Browsers dropped 2020.
TLS 1.1     | Dead   | Weak ciphers. Browsers dropped 2020.
TLS 1.2     | OK     | Secure with AEAD ciphers. Disable CBC mode.
TLS 1.3     | Best   | Faster. Weak ciphers removed by design. PFS mandatory.

Forward secrecy: a key compromised tomorrow can't decrypt today's captured traffic. TLS 1.3 enforces this. TLS 1.2 needs ECDHE suites.

Password Hashing

Why encryption is wrong for passwords

1. Plain hash: SHA-256("password") is the same digest every time. Rainbow tables work. GPUs: billions of guesses/sec.
2. Add salt: SHA-256(salt + password) is unique per user. Rainbow tables useless. Still too fast.
3. Key stretching: PBKDF2(password, salt, 100K iterations) is deliberately slow. 10K guesses/sec instead of 1 billion.
4. Memory-hard: Argon2id/bcrypt require memory per hash. Neutralizes the GPU advantage. Gold standard.

Ranking: Argon2id > bcrypt > PBKDF2 > SHA-256 plain > MD5 > Plaintext
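The four steps above, as an added example that is not part of the lesson: plain, salted, stretched and memory-hard hashing of the same password, plus a constant-time verify. It assumes Python's standard library only, so scrypt stands in for Argon2id as the memory-hard step.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 iteration count from the lesson


def plain_hash(password: str) -> str:
    """Step 1: unsalted SHA-256. Every user with this password gets the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """Step 2: per-user salt defeats rainbow tables, but is still GPU-fast."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def pbkdf2_hash(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Step 3: key stretching. Each guess costs `iterations` HMAC-SHA256 calls."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def memory_hard_hash(password: str, salt: bytes) -> bytes:
    """Step 4: memory-hard KDF. scrypt (stdlib) is used here as a stand-in for
    Argon2id (assumption); n=2**14, r=8 costs about 16 MiB per hash, which is
    what blunts the GPU advantage."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def make_record(password: str) -> dict:
    """What the database stores: a random salt and the memory-hard hash, never the password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": memory_hard_hash(password, salt)}


def verify(record: dict, attempt: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = memory_hard_hash(attempt, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    # Constructed demo: two users pick the same password.
    alice, bob = make_record("password"), make_record("password")
    print("plain  equal:", plain_hash("password") == plain_hash("password"))   # True: rainbow-table target
    print("salted equal:", alice["hash"] == bob["hash"])                       # False: salts differ
    print("verify ok   :", verify(alice, "password"), verify(alice, "Password"))
```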

Post-Quantum

"Harvest now, decrypt later"

Nation-states are capturing encrypted traffic today, storing it, waiting for quantum computers in 5-15 years.

If data will be sensitive in 10+ years (gov, defense, healthcare, M&A, trade secrets) plan your PQC migration now.

NIST standardized in 2024: ML-KEM (key exchange, in Chrome), ML-DSA (signatures), SLH-DSA (backup). AES-256 stays safe.

CISO Action

1. Inventory crypto usage.
2. Find RSA/ECC key exchange.
3. Prioritize hybrid (classical + PQC) for sensitive data.
4. Watch vendor roadmaps. Plan for a 3-5 year migration.

Key Takeaway

The red flag checklist

Escalate immediately:
- DES/3DES in use
- MD5 for passwords
- SHA-1 for certs
- RC4 anywhere
- RSA <2048
- SSL/TLS 1.0-1.1
- Self-signed certs in prod
- Hardcoded keys in source

Remember this

You don't configure algorithms. You audit what's deployed and raise the alarm when something is broken. Run ssllabs.com. Ask about password hashing. Check TLS config. These conversations prevent breaches.
