Cisco developed Next Generation Encryption (NGE) in 2011. NGE was created to define a widely accepted and consistent set of cryptographic algorithms that provide strong security and good performance for our customers. These are the best standards that can be implemented today to meet the security and scalability requirements for network security in the years to come; or to interoperate with the cryptography that will be deployed in that time frame. Most importantly, all of the NGE algorithms, parameters, and key-sizes are widely believed to be secure. No attacks against these algorithms have been demonstrated.
Recently there has been attention on Quantum-Computers (QC) and their potential impact on current cryptography standards. Quantum-computers and quantum algorithms is an area of active research and growing interest. Even though practical quantum-computers have not been demonstrated until now, if quantum-computers became a reality they would pose a threat to crypto standards for PKI (RSA, ECDSA), key exchange (DH, ECDH) and encryption (AES-128). These standards are also used in Cisco NGE.
An algorithm that would be secure even after a quantum-computer is built is said to have postquantum security or be quantum-computer resistant (QCR). AES-256, SHA-384 and SHA-512 are believed to be postquantum secure.
Read More »
Tags: cryptography, encryption, Next Generation Encryption, postquantum cryptography
Cisco’s early adoption and implementation of Next Generation Encryption (NGE) is paving the way for the next decade of cryptographic security. NGE provides a complete algorithm suite, comprised of authenticated encryption, digital signatures, key establishment and cryptographic hashing. These components provide high levels of security and scalability, aimed at setting the standard for the next 10 years of encryption.
The next generation of encryption technologies meets the evolving needs of agencies and enterprises by utilizing modern, but well reviewed and tested cryptographic algorithms and protocols. As an example, Elliptic Curve Cryptography (ECC) is used in place of the more traditional Rivest-Shamir-Adleman (RSA) algorithms. By upgrading these algorithms, NGE cryptography prevents hackers from having a single low-point in the system to exploit and efficiently scales to high data rates, while providing all of the security of the Advanced Encryption Standard (AES) cipher
As computing power exponentially increases over time, according to Moore’s Law, attackers have access to more powerful tools to crack encryption keys. However, NGE is capable of staying ahead of this curve by improving security and robustness of Cisco’s already market leading trusted solutions to meet emerging global standards into the future.
Check out the video below to learn more about NGE:
TechWiseTV 119: Next Generation Encryption:
Tags: authenticated encryption, cryptographic hashing, crytography, digital signatures, encryption, key establishment, Next Generation Encryption, NGE