💼 3 APRA envisages that a regulated entity would select encryption algorithms from the population of well-established and proven international standards that have been subjected to rigorous public scrutiny and verification of effectiveness. The length of a cryptographic key would typically be selected to render a brute force attack9 impractical (i.e. would require an extremely long period of time to breach using current computing capabilities).