Anthropic-Cybersecurity-Skills/skills/implementing-aes-encryption-for-data-at-rest/references/standards.md

Standards and References - AES Encryption for Data at Rest

Primary Standards

NIST FIPS 197 - Advanced Encryption Standard (AES)

• URL: https://csrc.nist.gov/publications/detail/fips/197/final
• Description: Defines the AES algorithm (Rijndael) with key sizes of 128, 192, and 256 bits
• Block size: 128 bits (16 bytes)
• Key sizes: 128, 192, or 256 bits
• Rounds: 10 (128-bit), 12 (192-bit), 14 (256-bit)

NIST SP 800-38D - Recommendation for Block Cipher Modes: GCM and GMAC

• URL: https://csrc.nist.gov/publications/detail/sp/800-38d/final
• Description: Specifies Galois/Counter Mode (GCM) for authenticated encryption
• IV length: 96 bits recommended for GCM
• Tag length: 128 bits recommended (minimum 96 bits)
• Max plaintext: 2^39 - 256 bits per invocation

NIST SP 800-132 - Recommendation for Password-Based Key Derivation

• URL: https://csrc.nist.gov/publications/detail/sp/800-132/final
• Description: Covers PBKDF2 for deriving cryptographic keys from passwords
• Minimum iterations: 600,000 (OWASP 2024 recommendation for PBKDF2-SHA256)
• Salt length: Minimum 128 bits (16 bytes)

NIST SP 800-38A - Recommendation for Block Cipher Modes of Operation

• URL: https://csrc.nist.gov/publications/detail/sp/800-38a/final
• Description: Defines ECB, CBC, CFB, OFB, and CTR modes

NIST SP 800-57 Part 1 Rev. 5 - Key Management

• URL: https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final
• Description: Recommendations for cryptographic key lengths and algorithms
• AES-256 security strength: 256 bits
• Recommended until: Beyond 2031

RFC Standards

RFC 5116 - An Interface and Algorithms for Authenticated Encryption

• URL: https://www.rfc-editor.org/rfc/rfc5116
• Description: Defines AEAD interface including AES-GCM

RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)

• URL: https://www.rfc-editor.org/rfc/rfc5869
• Description: Key derivation from existing key material (not passwords)

RFC 9106 - Argon2 Memory-Hard Function

• URL: https://www.rfc-editor.org/rfc/rfc9106
• Description: Argon2 password hashing / key derivation specification
• Recommended variant: Argon2id (hybrid of Argon2i and Argon2d)

Compliance Frameworks

PCI DSS v4.0 - Requirement 3

• Encrypt stored cardholder data with strong cryptography
• AES-256 meets the strong cryptography requirement
• Key management procedures required

HIPAA Security Rule - 45 CFR 164.312(a)(2)(iv)

• Encryption of ePHI at rest is an addressable implementation specification
• AES-256 is an acceptable encryption method

GDPR Article 32 - Security of Processing

• Encryption is listed as an appropriate technical measure
• AES-256 satisfies encryption requirements for personal data protection

Python Library References

cryptography (pyca/cryptography)

• URL: https://cryptography.io/en/latest/
• PyPI: https://pypi.org/project/cryptography/
• AES-GCM: cryptography.hazmat.primitives.ciphers.aead.AESGCM
• PBKDF2: cryptography.hazmat.primitives.kdf.pbkdf2.PBKDF2HMAC

PyCryptodome

• URL: https://pycryptodome.readthedocs.io/
• PyPI: https://pypi.org/project/pycryptodome/
• AES-GCM: Crypto.Cipher.AES with MODE_GCM