    ANSI INCITS ISO IEC 11770-2-1996 Information technology - Security techniques - Key management - Part 2 Mechanisms using symmetric techniques.pdf

INTERNATIONAL STANDARD ISO/IEC 11770-2, First edition 1996-04-15

Information technology - Security techniques - Key management - Part 2: Mechanisms using symmetric techniques
Technologies de l'information - Techniques de s...

... see for example ISO 8732. Besides key establishment, goals of such a mechanism may include unilateral or mutual authentication of the communicating entities. Further goals may be the verification of the integrity of the established key, or key confirmation.

This part of ISO/IEC 11770 addresses three environments for the establishment of keys: Point-to-Point, Key Distribution Centre (KDC) and Key Translation Centre (KTC). This part of ISO/IEC 11770 describes the required content of messages which carry keying material or are necessary to set up the conditions under which the keying material can be established. The document does not indicate other information which may be contained in the messages or specify other messages such as error messages. The explicit format of messages is not within the scope of this part of ISO/IEC 11770.

This part of ISO/IEC 11770 does not explicitly address the issue of interdomain key management. This part of ISO/IEC 11770 also does not define the implementation of key management mechanisms; there may be different products that comply with this part of ISO/IEC 11770 and yet are not compatible.

The following standards contain provisions which, through reference in this text, constitute provisions of this part of ISO/IEC 11770. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this part of ISO/IEC 11770 are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. Members of IEC and ISO maintain registers of currently valid International Standards.

ISO 7498-2:1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture.
ISO/IEC 9798-2:1994, Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms.
ISO/IEC 9798-4:1995, Information technology - Security techniques - Entity authentication - Part 4: Mechanisms using a cryptographic check function.
ISO/IEC 11770-1:- 1), Information technology - Security techniques - Key management - Part 1: Key management framework.
1) To be published.

3 Definitions and Notation

3.1 Definitions

For the purposes of this part of ISO/IEC 11770 the definitions given in ISO/IEC 11770-1 apply. In addition, this part of ISO/IEC 11770 makes use of the following terms:

3.1.1 distinguishing identifier: Information which unambiguously distinguishes an entity.
3.1.2 entity authentication: The corroboration that an entity is the one claimed.
3.1.3 key confirmation: The assurance for one entity that another identified entity is in possession of the correct key.
3.1.4 key control: The ability to choose the key, or the parameters used in the key computation.
3.1.5 key generating function: A function which takes as input a number of parameters, at least one of which shall be secret, and which gives as output keys appropriate for the intended algorithm and application. The function shall have the property that it shall be computationally infeasible to deduce the output without prior knowledge of the secret input.
3.1.6 point-to-point key establishment: The direct establishment of keys between entities, without involving a third party.
3.1.7 random number: A time variant parameter whose value is unpredictable.
3.1.8 redundancy: Any information that is known and can be checked.
3.1.9 sequence number: A time variant parameter whose value is taken from a specified sequence which is non-repeating within a certain time period.
3.1.10 time variant parameter: A data item used to verify that a message is not a replay, such as a random number, a sequence number, or a time stamp.

3.2 Notation

Throughout this part of ISO/IEC 11770 the following notation is used:

X is the distinguishing identifier of entity X.
KDC denotes a Key Distribution Centre.
KTC denotes a Key Translation Centre.
T is the distinguishing identifier of the Key Distribution Centre or the Key Translation Centre.
F denotes keying material.
KXY is a secret key associated with the entities X and Y.
R is a random number.
RX is a random number issued by entity X.
T/N is a time stamp or a sequence number.
TX/NX is a time stamp or a sequence number issued by entity X.
TVP is a time variant parameter.
TVPX is a time variant parameter issued by entity X.
eK(Z) is the result of the encipherment of data Z with a symmetric algorithm using the key K.
dK(Z) is the result of the decipherment of data Z with a symmetric algorithm using the key K.
vK(Z) is the result of a cryptographic check function computed on data Z using the key K. vK(Z) is also called message authentication code (MAC) and may be denoted as macK(Z).
f denotes a key generating function.
X || Y is the result of the concatenation of data items X and Y in that order.

The fields Text1, Text2, ... specified in the mechanisms may contain optional data for use in applications outside the scope of this part of ISO/IEC 11770 (they may be empty). Their relationship and contents depend upon the specific application. One such possible application is message authentication (see annex B for an example). Likewise, optional plaintext text fields may be prepended or appended to any of the messages. They have no security implications and are not explicitly included in the mechanisms specified in this part of ISO/IEC 11770. Data items that are optional in the mechanisms are shown in italics.

4 Requirements

The key establishment mechanisms specified in this part of ISO/IEC 11770 make use of symmetric cryptographic techniques, more specifically symmetric encipherment algorithms and/or key generating functions. The cryptographic algorithms and the key life-time shall be chosen such that it is computationally infeasible for a key to be deduced during its life-time. If the following additional requirements are not met, the key establishment process may be compromised or it cannot be implemented.

For those mechanisms making use of a symmetric encipherment algorithm, either assumption a) or assumption b) is required.

a) The encipherment algorithm, its mode of operation and the redundancy in the plaintext shall provide the recipient with the means to detect forged or manipulated data.
b) The integrity of the enciphered data shall be ensured by a data integrity mechanism. If a hash-function is used for this purpose the hash-code shall either be appended to the data before encipherment or be placed in a plaintext text field.

NOTES
1 - Modes of operation for block cipher algorithms are standardized in ISO/IEC 10116.
2 - A data integrity mechanism is standardized in ISO/IEC 9797. Hash-functions are standardized in ISO/IEC 10118.
3 - When a KDC or KTC is involved, assumptions a) and b) are not always equivalent in terms of the ability to detect unambiguously on which link an active attack is being performed. See Annex B for examples.

In each exchange specified in the mechanisms of clauses 5, 6 and 7, the recipient of a message shall know the claimed identity of the originator. If this is not the case from the context in which the mechanism is being used then this could, e.g., be achieved by the inclusion of identifiers in additional plaintext text fields of certain of the messages.

Keying material may be established using either secure or insecure communication channels. When using only symmetric cryptographic techniques, at least the first key shall be exchanged between two entities using a secure channel in order to allow secure communications.

The key establishment mechanisms in this part of ISO/IEC 11770 require the use of time variant parameters such as time stamps, sequence numbers, or random numbers. In this context the use of the term random number also includes unpredictable pseudo-random numbers. The properties of these parameters, in particular that they are non-repeating, are important for the security of these mechanisms. For additional information on time variant parameters see Annex B of ISO/IEC 9798-2.

5 Point-to-Point Key Establishment

The basic mechanism of every key establishment scheme is point-to-point key establishment which requires that the entities already share a key so that further keys may be established directly between the entities. For the implementation of the mechanisms specified in this clause it is assumed that

- A key KAB is shared by the entities A and B.
- At least one of A or B is able to generate, acquire or contribute to a secret key K as described in the individual mechanism.

Security requirements are concerned with the confidentiality of K, and modification and replay detection.

5.1 Key Establishment Mechanism 1

In key establishment mechanism 1 the key K is derived from a time variant parameter TVP, e.g., a random number R, a time stamp T, or a sequence number N, using a key generating function. Key establishment mechanism 1 provides no authentication of the key K established by the mechanism. The mechanism requires that A is able to generate a TVP.

Figure 1 - Mechanism 1: (1) A -> B: TVP

Steps:
(1) A generates a random number R, a time stamp T, or a sequence number N and transfers it to B.
(1a) Both A and B then derive the key K by using a key generating function f with inputs the shared secret key KAB and the time variant parameter TVP: K = f(KAB, TVP). See Annex B for examples of possible key generating functions.

NOTE - To also provide authentication, key establishment mechanism 1 may be combined with an authentication mechanism as specified in 9798-2 or 9798-4. See annex B for an example.

5.2 Key Establishment Mechanism 2

In key establishment mechanism 2 the key K is supplied by entity A. The mechanism provides no authentication of the key K established by the mechanism nor does it provide entity authentication.

Figure 2 - Mechanism 2: (1) A -> B: eKAB(F || Text1)

Steps:
(1) A sends B the keying material F (key K and optional data) enciphered with KAB.
(1a) On receipt of the message, B deciphers the enciphered part and thus obtains the key K.

5.3 Key Establishment Mechanism 3

Key establishment mechanism 3 is derived from the one pass entity authentication mechanism of ISO/IEC 9798-2, clause 5.1.1. In this mechanism the key K is supplied by entity A. Key establishment mechanism 3 provides unilateral authentication, i.e., entity A is authenticated by the mechanism. Uniqueness/timeliness is controlled by time stamps or sequence numbers. The mechanism requires that both A and B are able to maintain mechanisms for generating or verifying the validity of time stamps T or sequence numbers N.

Figure 3 - Mechanism 3: (1) A -> B: eKAB(T/N || B || F || Text1)

Steps:
(1) A sends B a time stamp or sequence number T/N, the distinguishing identifier B, and the keying material F (key K and optional data). The inclusion of the distinguishing identifier B is optional. The data fields are enciphered with KAB.
(1a) On receipt of the message, B deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present, checks the time stamp or sequence number, and obtains the key K.

NOTE - Distinguishing identifier B is included in step (1) to prevent a substitution attack, i.e., the re-use of this message by an adversary masquerading as B (see Annex A). In environments where such attacks cannot occur, the identifier may be omitted.

5.4 Key Establishment Mechanism 4

Key establishment mechanism 4 is derived from the two pass unilateral entity authentication mechanism of ISO/IEC 9798-2, clause 5.1.2. In this mechanism the key K is supplied by entity A. Key establishment mechanism 4 provides unilateral authentication, i.e., entity A is authenticated by the mechanism. Uniqueness/timeliness is controlled by a random number RB. The mechanism requires that B is able to generate random numbers.

Figure 4 - Mechanism 4: (1) B -> A: RB; (2) A -> B: eKAB(RB || B || F || Text2)

Steps:
(1) B sends A a random number RB.
(2) A sends B the received number RB, the distinguishing identifier B, and the keying material F (key K and optional data). The inclusion of the distinguishing identifier B is optional. The data fields are enciphered with KAB.
(2a) On receipt of message (2), B deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present, checks that the random number RB, sent to A in step (1), was used in constructing message (2), and obtains the key K.

NOTE - Distinguishing identifier B is included in step (2) to prevent a substitution attack, i.e., the re-use of this message by an adversary masquerading as B (see Annex A). In environments where such attacks cannot occur, the identifier may be omitted.

5.5 Key Establishment Mechanism 5

Key establishment mechanism 5 is derived from the two pass mutual authentication mechanism of ISO/IEC 9798-2, clause 5.2.1. This mechanism enables both A and B to contribute part of the established key K. Key establishment mechanism 5 provides mutual authentication, i.e., both communicating entities are authenticated by the mechanism. Uniqueness/timeliness is controlled by time stamps or sequence numbers. The mechanism requires that both A and B are able to maintain mechanisms for generating and verifying the validity of time stamps T or sequence numbers N.

Figure 5 - Mechanism 5: (1) A -> B: eKAB(TA/NA || B || FA || Text1); (2) B -> A: eKAB(TB/NB || A || FB || Text2)

Steps:
(1) A sends B a time stamp or sequence number TA/NA, the distinguishing identifier B, and the keying material FA. The inclusion of the distinguishing identifier B is optional. The data fields are enciphered with KAB.
(1a) On receipt of message (1), B deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present, and checks the time stamp or sequence number.
(2) B sends A a time stamp or sequence number TB/NB, the distinguishing identifier A, and the keying material FB. The inclusion of the distinguishing identifier A is optional. The data fields are enciphered with KAB.
(2a) On receipt of message (2) A deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present, and checks the time stamp or sequence number.
(2b) Both A and B derive the key K by using a key generating function f with inputs the secret keying material fields FA and FB: K = f(FA, FB).

... this process produces the translated key. The KTC then either a) sends the translated key back to the originator who then forwards it to the ultimate recipient, or b) forwards the translated key to the ultimate recipient directly. In an environment where a KTC is used the originator shall have the ability to generate or ot...
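As an added example (not code from the standard), the mechanism 4 exchange in Python: B issues RB, A answers with eKAB(RB || B || F), and B performs the checks of step (2a) so that a message built for another recipient or replayed against a fresh RB is rejected. The encipherment eK(Z) is modelled as encrypt-then-MAC built from HMAC-SHA256, an assumption standing in for the algorithm the standard leaves open, with the appended MAC providing the integrity of requirement 4 b); the fixed field sizes and the sample key KAB are constructed for the example.

```python
import hashlib, hmac, secrets

# Added illustration of ISO/IEC 11770-2 mechanism 4, not code from the standard.
# eK(Z) is modelled as encrypt-then-MAC with HMAC-SHA256 subkeys (an assumption;
# the standard leaves the algorithm open). The appended MAC satisfies requirement 4 b).
NONCE, TAG, RLEN, IDLEN = 16, 32, 16, 4

def _sub(key, label):                      # derive enc/mac subkeys from KAB
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):                # HMAC in counter mode as keystream
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def encipher(key, data):                   # eK(Z) = nonce || Z xor stream || MAC
    nonce = secrets.token_bytes(NONCE)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def decipher(key, blob):                   # dK(Z): verify MAC first, then undo stream
    nonce, ct, tag = blob[:NONCE], blob[NONCE:-TAG], blob[-TAG:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed: forged or manipulated data")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

def step2_a_respond(kab, rb, ident_b, f):  # (2) A -> B: eKAB(RB || B || F), Text2 empty
    return encipher(kab, rb + ident_b + f)

def step2a_b_verify(kab, msg, rb_sent, ident_b):   # (2a) B deciphers and checks
    plain = decipher(kab, msg)
    rb, ident, f = plain[:RLEN], plain[RLEN:RLEN + IDLEN], plain[RLEN + IDLEN:]
    if ident != ident_b:                   # message was built for another recipient
        raise ValueError("distinguishing identifier mismatch")
    if not hmac.compare_digest(rb, rb_sent):   # not a reply to the RB B just sent
        raise ValueError("random number mismatch")
    return f                               # keying material F (here: the key K)

def run_mechanism4(kab, ident_b, k):
    rb = secrets.token_bytes(RLEN)         # (1) B -> A: RB
    msg = step2_a_respond(kab, rb, ident_b, k)
    return step2a_b_verify(kab, msg, rb, ident_b), rb, msg

def rejected(kab, msg, rb, ident):         # True when B's checks reject msg
    try:
        step2a_b_verify(kab, msg, rb, ident)
        return False
    except ValueError:
        return True
```

Because the identifier and RB sit inside the enciphered part, an adversary without KAB can neither re-address the message nor refresh its random number, which is exactly what the note after step (2a) relies on.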

