3.6.1 Generation of strong cryptographic keys

3.6.1.a Verify that key-management procedures specify how to generate strong keys.
3.6.1.b Observe the procedures for generating keys to verify that strong keys are generated.

The encryption solution must generate strong keys, as defined in the PCI DSS and PA-DSS Glossary of Terms, Abbreviations, and Acronyms under “Cryptographic Key Generation.” Use of strong cryptographic keys significantly increases the level of security of encrypted cardholder data.