ETSI TS 119 312 V1.5.1 (2024-12) - Electronic Signatures and Trust Infrastructures (ESI); Cryptographic Suites #328
Description
Formal name
ETSI TS 119 312 - Electronic Signatures and Trust Infrastructures (ESI); Cryptographic Suites
Overview
The present document lists cryptographic suites used for the creation and validation of digital signatures and electronic timestamps and related certificates. The present document builds on the agreed cryptographic mechanisms from SOG-IS. It may be used also for electronic registered delivery services in the future. In contrast to previous versions of the present document, specific end dates are provided.
The present document works on the assumption that the validity period (i.e. between notBefore and notAfter) of (qualified) end-entity certificates issued by trust services providers is typically three years. The present document focuses on interoperability issues and does not duplicate security considerations given by other standardization bodies, security agencies or supervisory authorities of the Member States. It instead provides guidance on the selection of concrete cryptographic suites that use agreed mechanisms.
The use of SOG-IS agreed mechanisms is meant to help ensure a high level of security in the recommended cryptographic suites, while the focus on specific suites of mechanisms is meant to increase interoperability and simplify design choices.
There is no normative requirement on selection among the alternatives for cryptographic suites given here but for all of them normative requirements apply to ensure security and interoperability. The present document also provides guidance on hash functions, (digital) signature schemes and (digital) signature suites to be used with the data structures used in the context of digital signatures and seals. For each data structure, the set of algorithms to be used is specified.
Work Plan
- ETSI: Status of the Work Item (WI): https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=74949
- The EC will follow up with ETSI on this standard. New Requirements have to be identified and the standard will have to be updated accordingly. It needs maintenance and prompt alignment with ECCG deliverables.
- Updated versions of the standards will need to be reviewed prior to being referenced in the ARF or the Implementing Acts.
Tasks
- The EC will follow up with ETSI regarding the update of this standard related to the relevant requirements.
Alerts
ETSI, 2025-07-28, updated 2025-07-31: ETSI is currently working on moving the guidance on cryptographic algorithms from being based on SOGIS to ECCG. See work package description: https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=74949
This is planned to be available before the end 2025. TS 119 312 is indirectly referenced by EN 319 411-2 through EN 319 411-1.