Protect The Confidentiality And Integrity Of Sensitive Information With GO-ITS 25.12

The Government of Ontario Information Technology Standards (GO-ITS) provide guidelines, standards, and practices for the Ontario Public Service. It defines the requirements and best practices to protect the Government of Ontario’s computer systems and networks. GO-ITS 25.12 defines the requirements for the use of cryptography and its type and strength within the Government of Ontario.

In the standard, the requirements associated must mean that the condition is mandatory, and the requirements related should imply that they are recommendations. These requirements apply to all the vendors, agencies, ministries, and third parties under contract with the Government of Ontario.

Cryptography is used to protect the confidentiality and integrity of sensitive information.

The cryptographic algorithms that are used for these purposes are:

1. Symmetric Encryption

   Symmetric Encryption involves using a single key for both encryption and decryption of the information. The key is shared between the entities through a secure channel. Symmetric encryption is primarily used to ensure confidentiality. The main advantages of symmetric encryption are speed and ease of understanding.

2. Asymmetric Encryption

   Asymmetric encryption uses a unique key pair for each user. The keypair consists of a public key that is known to everyone and a private key that is never shared and must be kept secret. Asymmetric encryption is primarily used for digital signatures and key management within large groups of users.

3. Hash Functions

   These are one-way functions that map a variable-length input to a fixed-length output string. Secure hash functions are primarily used to protect data integrity.

The management of encryption keys is essential for the secure use of cryptographic techniques. Key management is the process of managing the encryption keys throughout their lifecycle, including secure generation, storage, distribution, use, and destruction.

Requirements of GO-ITS

As per the standard, cryptographic material must be securely protected, including creation, storage, distribution, use, revocation, destruction, and recovery of keys. The requirements are subdivided as per different areas:

Education and Training

• Technical staff that develops, implements, or manages the systems must be aware of the cryptography requirements as per the standard.

Information in Storage

• Sensitive information should be encrypted in storage or stored operationally using secure hash functions.
• Encrypted sensitive data stored for more than two years must be encrypted as per a high-risk environment.
• If the responsibility of the encrypted data is transferred to another organization and the previous organization is no longer authorized, the data must be encrypted by the new organization with a new key.
• Mobile devices such as smartphones, tablets, removable media, portable computers that are processing or storing sensitive data must encrypt the entire device storage.
• If sensitive data is stored on desktop computers, the data must be encrypted.
• Sensitive data must be encrypted at the column or data field/cell level before being written to a data repository.

Communications Security

• Sensitive information must be encrypted in transit using appropriate means.
• The integrity of sensitive data must be verified using an approved message authentication code or digital signature. Digital signatures must use an accurate timestamp from a valid reference time source.

Cryptography deployment

• All cryptography applications must use a random number generator or pseudo-random number generator; check the validity of certificates and use only valid certificates.
• Applications must securely delete decrypted information retained in the cache or temporary memory immediately after completing the related activity.
• Applications that process and access sensitive data must undergo security testing and evaluation (STE) prior to implementation.

Protection of cryptographic materials

• Access to the cryptographic materials must be restricted to authorized users, applications, or services.
• Cryptography keys must be protected as per the sensitivity of the information they are protecting.
• Wherever possible, keys should be generated via a secure software module or a Hardware Security Module. For the generation of keys that protect sensitive information, the modules should be on-premises.

Hardware Security Modules (HSMs)

Hardware security modules are used for secure key generation, storage, and management of cryptographic keys.

• HSMs must be compliant with FIPS 140-2 level 2.
• If HSMs are storing highly sensitive information and are located off-premises, then they should be compliant with FIPS 140-2 level 3.
• They must be deployed in a manner to reduce exposure to attacks.
• They must be operated as per least privilege and segregation of duties principles.
• They must be monitored and audited.
• HSM firmware must be securely managed.

Key Management:

• Key management procedures must be developed for all applications using cryptographic systems to protect sensitive data.
• Key management procedures must address key generation, key assignment, key revocation, re-keying, key distribution, and key destruction.
• Keys created for test purposes must not be used in a production environment, and production keys must not be used in a test environment.

Recovery of encrypted information

• Cryptographic services must have a secure mechanism to recover symmetric and asymmetric decryption keys to decrypt the encrypted data in storage.
• Decryption keys must be recoverable after their expiration to enable decryption of data in archived backups.

Symmetric algorithm modes of operation

• The Electronic Code Book (ECB) mode of operation must not be used.
• AES Galois/Counter Mode (GCM) should be used instead of CBC mode.
• When using the GCM mode of operation, avoid repeating Initialization Vectors (IVs) with a given key or encrypting more than 264 blocks with a given key.

Transport Layer Security

• Internet browsers, applications, and systems must support TLS.
• TLS 1.2 and 1.3 should be used.
• The SSL protocol and early versions of TLS protocol must not be used as they are vulnerable to attacks.
• TLS cipher suite algorithms must be selected as per the approved cryptographic algorithms and minimum key length.
• Client or server connections that request the use of weaker protocols or a reduction in the strength of cryptographic systems must be denied.

Emerging Threats

Emerging technical threats that could pose a significant challenge to the existing cryptography must be addressed. Cryptographic agility, understanding interoperability requirements and relevant supply chains, asset management, and risk management are the best courses of action regarding potential threats against cryptography.