Section
6.5.1
Top Level
Sub Level
General
Use a strong algorithm for digital signatures and encryption.
ColdFusion
ColdFusion 8 provides six encryption functions: decrypt(), decryptBinary(), encrypt(), encryptBinary(), generateSecretKey(), and hash().
Use AES or higher for symmetric encryption.
Use SHA-256 or higher for the hash function.
Use a salt (or random string) for password generation with the hash function.
Always use generateSecretKey() to generate keys of the appropriate length for block encryption algorithms unless a customized key is required.
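The ColdFusion rules above applied together, as an added example that is not part of the original guideline: an AES round trip with a key from generateSecretKey(), and a salted SHA-256 password hash. The helper names (newAesKey, protect, unprotect, newSalt, hashPassword, verifyPassword) and the sample strings are hypothetical, and using generateSecretKey() as the source of the random salt is an assumption of this example.

```cfml
<cfscript>
// Added example; helper names and sample values are hypothetical.

// Key of the appropriate length for AES, returned as a Base64 string.
function newAesKey() {
    return generateSecretKey("AES");
}

// Name the mode and padding explicitly instead of passing the bare "AES".
function protect(plainText, key) {
    return encrypt(plainText, key, "AES/CBC/PKCS5Padding", "Base64");
}

// decrypt() must be given the same algorithm string and encoding.
function unprotect(cipherText, key) {
    return decrypt(cipherText, key, "AES/CBC/PKCS5Padding", "Base64");
}

// Random string used as a per-password salt (assumption: generateSecretKey()
// is used here only as a convenient source of random characters).
function newSalt() {
    return generateSecretKey("AES");
}

// Salted SHA-256 hash; store the salt next to the hash, never the password.
function hashPassword(password, salt) {
    return hash(salt & password, "SHA-256", "UTF-8");
}

// Recompute with the stored salt and compare case-sensitively.
function verifyPassword(password, salt, storedHash) {
    return compare(hashPassword(password, salt), storedHash) EQ 0;
}

// Constructed sample data.
key = newAesKey();
cipherText = protect("account=12345 (constructed sample)", key);
roundTrip = unprotect(cipherText, key);

salt = newSalt();
storedHash = hashPassword("constructed-sample-password", salt);

writeOutput("Round trip matches: " & (compare(roundTrip, "account=12345 (constructed sample)") EQ 0) & "<br>");
writeOutput("Correct password verifies: " & verifyPassword("constructed-sample-password", salt, storedHash) & "<br>");
writeOutput("Wrong password verifies: " & verifyPassword("wrong-password", salt, storedHash));
</cfscript>
```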
Natural Webagent
This does not apply to Natural or webAgent.