National Institute of Standards and Technology (NIST) security compliance

To conform to the security requirements for the National Institute of Standards and Technology (NIST) standards as specified in the publication 800-131a, applications must use strengthened security by defining specific algorithms that can be used and what their minimum strengths are.

These standards specify the cryptographic algorithms and key lengths that are required in order to remain compliant with NIST security standards. For more information on NIST security standards, see

Algorithms and key strengths that are not allowed for strict NIST 800-131a compliance include::

  • RSA keySize < 2048
  • DSA keySize < 2048
  • EC keySize < 224
  • SHA1
  • SHA-1
  • MD2
  • MD4
  • MD5
  • RC2
  • RC4
  • DES