How many bits must FBI CJIS data/CHRI be encrypted to when transmitted over a public network?

The correct answer is that FBI CJIS data, specifically Criminal History Record Information (CHRI), must be encrypted to a minimum of 128 bits when transmitted over a public network. This standard ensures a robust level of security for sensitive data, aligning with the FBI's Criminal Justice Information Services (CJIS) Security Policy.

Using 128-bit encryption provides a strong defense against various forms of cyber threats, such as interception and unauthorized access, which are particularly concerning when dealing with law enforcement and criminal justice data. The encryption process converts the sensitive data into a format that is unreadable without the appropriate decryption key, thereby protecting the integrity and confidentiality of the information during transmission.

While there are stronger encryption standards, such as 256 bits, the minimum requirement set forth by the CJIS Security Policy is 128 bits. This requirement is designed to offer a balance between security and the practicalities of data processing and transmission speeds, ensuring that law enforcement agencies can operate effectively while adhering to stringent security protocols.