Under active development — Content is continuously updated and improved

Home / Frameworks / SCF / CRY — Cryptographic Protections

CRY — Cryptographic Protections

Official SCF Download

29 controls in the Cryptographic Protections domain

CRY-01Use of Cryptographic Controls

CRY-01.1Alternate Physical Protection

CRY-01.2Export-Controlled Cryptography

CRY-01.3Pre/Post Transmission Handling

CRY-01.4Conceal / Randomize Communications

CRY-01.5Cryptographic Cipher Suites and Protocols Inventory

CRY-02Cryptographic Module Authentication

CRY-03Transmission Confidentiality

CRY-04Transmission Integrity

CRY-05Encrypting Data At Rest

CRY-05.1Storage Media

CRY-05.2Offline Storage

CRY-05.3Database Encryption

CRY-06Non-Console Administrative Access

CRY-07Wireless Access Authentication & Encryption

CRY-08Public Key Infrastructure (PKI)

CRY-08.1Availability

CRY-09Cryptographic Key Management

CRY-09.1Symmetric Keys

CRY-09.2Asymmetric Keys

CRY-09.3Cryptographic Key Loss or Change

CRY-09.4Control & Distribution of Cryptographic Keys

CRY-09.5Assigned Owners

CRY-09.6Third-Party Cryptographic Keys

CRY-09.7External System Cryptographic Key Control

CRY-10Transmission of Cybersecurity & Data Protection Attributes

CRY-11Certificate Authorities

CRY-12Certificate Monitoring

CRY-13Cryptographic Hash

← Back to all controls