Skip to content

Crypto Streangth- JP CRYPTO REC recommended 192 bits instead of 128 bits as of today. #846

Description

@bitbucket-import-issues

Originally submitted by Nat (Nat Sakimura) on 2026-03-30

Japanese government crypto suite council, CRYPTOREC, which I declined to be a member of, issued a new guidance retiring 128-bit security algorithms and moving to 192-bit security.
Also, it has started including ML-KEM and hybrid mode.

That will be coming. ID Token will not be affected much, unless you need it as evidence on a later day. i.e., should be appropriately timestamped.

For other signature algorithms, mTLS means swapping the client certificate to be hybrid or at least make the validity short, server certificate the same, more towards the hybrid.
Need to dig a bit deeper on DPOP.
The encryption part is more of an issue, because collect now, decrypt later can be launched.

This was Japan, but it will come to IETF pretty soon, so we beter start getting ready to it.


Bitbucket status: new

Bitbucket origin: issue 858

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions