This document is primarily addressed to developers and evaluators. Its purpose is to specify which cryptographic mechanisms are recognised agreed, i.e., ready to be accepted by all national cybersecurity certification authorities (NCCAs).

This document could also help developers, decision makers and users of cryptography to decide which cryptographic mechanisms are state-of-the-art and could cover their need for cryptographic protection, e.g., confidentiality, integrity, data origin authentication and authentication.

This document focuses mainly on security against adversaries interacting with the mechanisms through their standard interface. It contains however advice and caveats related to the implementation of mechanisms, when it is felt that they may be useful to the developers/evaluators and are crucial for security, e.g. typically to warn against implementation errors that are most commonly made.

Agreed cryptographic mechanisms are subdivided into two categories, according to their estimated robustness. This is the confidence placed in their ability to withstand attacks, in the absence of groundbreaking cryptanalytic improvements, e.g., publication of new attacks, implementation of a quantumncomputer.