≤ 56 symmetric, ≤ 512 asymmetric, and ≤ 112 bit elliptic curve

Category 5 Part 2 includes certain key length thresholds for cryptography.

Specifically, items designed or modified to use cryptography with a “symmetric algorithm” employing a key length in excess of 56-bits are controlled in Category 5, Part 2. Therefore, items with a key length of 56 bits or less are not in Cat. 5, Part 2.  Note that parity bits do not count towards the key length.
Symmetric algorithms use an identical key for both encryption and decryption.

Asymmetric algorithms use different, mathematically related keys for encryption and decryption.
An “Asymmetric algorithm” is NOT controlled in Category 5 Part 2 if the security of the algorithm is based on any of the following:

      -    Factorization of integers in 512 bits or less (e.g., RSA);
      -    Computation of discrete logarithms in a multiplicative group of a finite field of size 512 bits or less                                                         (e.g., Diffie- Hellman over Z/pZ); or
      -    Discrete logarithms in a group of 112 bits or less (e.g., Diffie-Hellman over an elliptic curve)

Therefore, items with a key length ≤ 56 symmetric,  ≤ 512 asymmetric, and ≤ 112 bit elliptic curve are not classified in Cat. 5 Part 2. In that case, you should review other Categories on the CCL (e.g., Cat. 4 or Cat. 5, Part 1).  If it is not described in any other Category then it can be classified as EAR99.


© BIS 2016