1、 Reference numberISO/IEC 11770-4:2006(E)ISO/IEC 2006INTERNATIONAL STANDARD ISO/IEC11770-4First edition2006-05-01Information technology Security techniques Key management Part 4: Mechanisms based on weak secrets Technologies de linformation Techniques de scurit Gestion de cls Partie 4: Mcanismes bass
2、 sur des secrets faibles International Organization for Standardization (ISO), 2006. All rights reserved. International Electrotechnical Commission (IEC), 2006. All rights reserved. NOT FOR RESALE.National Standard of CanadaCAN/CSA-ISO/IEC 11770-4:07(ISO/IEC 11770-4:2006)International Standard ISO/I
3、EC 11770-4:2006 (first edition, 2006-05-01) has been adopted withoutmodification (IDT) as CSA Standard CAN/CSA-ISO/IEC 11770-4:07, which has been approved as a NationalStandard of Canada by the Standards Council of Canada.ISBN 978-1-55436-573-9 November 2007Legal Notice for StandardsCanadian Standar
4、ds Association (CSA) standards are developed through a consensus standards development process approved by the Standards Council of Canada. This process brings together volunteers representing varied viewpoints and interests to achieve consensus and develop a standard. Although CSA administers the p
5、rocess and establishes rules to promote fairness in achieving consensus, it does not independently test, evaluate, or verify the content of standards.Disclaimer and exclusion of liabilityThis document is provided without any representations, warranties, or conditions of any kind, express or implied,
6、 including, without limitation, implied warranties or conditions concerning this documents fitness for a particular purpose or use, its merchantability, or its non-infringement of any third partys intellectual property rights. CSA does not warrant the accuracy, completeness, or currency of any of th
7、e information published in this document. CSA makes no representations or warranties regarding this documents compliance with any applicable statute, rule, or regulation. IN NO EVENT SHALL CSA, ITS VOLUNTEERS, MEMBERS, SUBSIDIARIES, OR AFFILIATED COMPANIES, OR THEIR EMPLOYEES, DIRECTORS, OR OFFICERS
8、, BE LIABLE FOR ANY DIRECT, INDIRECT, OR INCIDENTAL DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES, HOWSOEVER CAUSED, INCLUDING BUT NOT LIMITED TO SPECIAL OR CONSEQUENTIAL DAMAGES, LOST REVENUE, BUSINESS INTERRUPTION, LOST OR DAMAGED DATA, OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, WHETHER BASED IN CONTRA
9、CT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER THEORY OF LIABILITY, ARISING OUT OF OR RESULTING FROM ACCESS TO OR POSSESSION OR USE OF THIS DOCUMENT, EVEN IF CSA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES.In publishing and making this document available, CSA
10、 is not undertaking to render professional or other services for or on behalf of any person or entity or to perform any duty owed by any person or entity to another person or entity. The information in this document is directed to those who have the appropriate degree of experience to use and apply
11、its contents, and CSA accepts no responsibility whatsoever arising in any way from any and all use of or reliance on the information contained in this document. CSA is a private not-for-profit company that publishes voluntary standards and related documents. CSA has no power, nor does it undertake,
12、to enforce compliance with the contents of the standards or other documents it publishes. Intellectual property rights and ownershipAs between CSA and the users of this document (whether it be in printed or electronic form), CSA is the owner, or the authorized licensee, of all works contained herein
13、 that are protected by copyright, all trade-marks (except as otherwise noted to the contrary), and all inventions and trade secrets that may be contained in this document, whether or not such inventions and trade secrets are protected by patents and applications for patents. Without limitation, the
14、unauthorized use, modification, copying, or disclosure of this document may violate laws that protect CSAs and/or others intellectual property and may give rise to a right in CSA and/or others to seek legal redress for such use, modification, copying, or disclosure. To the extent permitted by licenc
15、e or by law, CSA reserves all intellectual property rights in this document.Patent rightsAttention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. CSA shall not be held responsible for identifying any or all such patent rights. Users of thi
16、s standard are expressly advised that determination of the validity of any such patent rights is entirely their own responsibility.Authorized use of this documentThis document is being provided by CSA for informational and non-commercial use only. The user of this document is authorized to do only t
17、he following:If this document is in electronic form:.load this document onto a computer for the sole purpose of reviewing it;.search and browse this document; and.print this document. Limited copies of this document in print or paper form may be distributed only to persons who are authorized by CSA
18、to have such copies, and only if this Legal Notice appears on each such copy.In addition, users may not and may not permit others to.alter this document in any way or remove this Legal Notice from the attached standard;.sell this document without authorization from CSA; or.make an electronic copy of
19、 this document.If you do not agree with any of the terms and conditions contained in this Legal Notice, you may not load or use this document or make any copies of the contents hereof, and if you do make such copies, you are required to destroy them immediately. Use of this document constitutes your
20、 acceptance of the terms and conditions of this Legal Notice.Information technology Security techniques Key management Part 4: Mechanisms based on weak secretsTechnical Corrigendum 1:2010 (IDT) toNational Standard of CanadaCAN/CSA-ISO/IEC 11770-4-07(ISO/IEC 11770-4:2006, IDT)NOT FOR RESALE.PUBLICATI
21、ON NON DESTINE LA REVENTE.CSA Standards Update ServiceTechnical Corrigendum 1:2010 toCAN/CSA-ISO/IEC 11770-4-07December 2010Title: Information technology Security techniques Key management Part 4: Mechanisms based on weak secretsPagination:2 pagesTo register for e-mail notification about any updates
22、 to this publicationgo to www.ShopCSA.caclick on E-mail Services under MY ACCOUNTclick on CSA Standards Update ServiceThe List ID that you will need to register for updates to this publication is 2418648.If you require assistance, please e-mail techsupportcsa.ca or call 416-747-2233.Visit CSAs polic
23、y on privacy at www.csagroup.org/legal to find out how we protect your personal information.ICS 35.040 Ref. No. ISO/IEC 11770-4:2006/Cor.1:2009(E) ISO/IEC 2009 All rights reserved INTERNATIONAL STANDARD ISO/IEC 11770-4:2006 TECHNICAL CORRIGENDUM 1 Published 2009-09-15 INTERNATIONAL ORGANIZATION FOR
24、STANDARDIZATION ORGANISATION INTERNATIONALE DE NORMALISATIONINTERNATIONAL ELECTROTECHNICAL COMMISSION COMMISSION LECTROTECHNIQUE INTERNATIONALEInformation technology Security techniques Key management Part 4: Mechanisms based on weak secrets TECHNICAL CORRIGENDUM 1 Technologies de linformation Techn
25、iques de scurit Gestion de cls Partie 4: Mcanismes bass sur des secrets faibles RECTIFICATIF TECHNIQUE 1 Technical Corrigendum 1 to ISO/IEC 11770-4:2006 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. Page 7, Clause 4 Repla
26、ce the definition of | with the following: X |Y denotes the result of the concatenation of octet strings X and Y in the order specified. In cases where the result of concatenating two or more octet strings is input to a cryptographic function as part of one of the mechanisms specified in this part o
27、f ISO/IEC 11770, this result shall be composed so that it can be uniquely resolved into its constituent octet strings, i.e. so that there is no possibility of ambiguity in interpretation. This latter property could be achieved in a variety of different ways, depending on the application. For example
28、, it could be guaranteed by (a) fixing the length of each of the octet strings throughout the domain of use of the mechanism, or (b) encoding the sequence of concatenated octet strings using a method that guarantees unique decoding, e.g. using the distinguished encoding rules defined in ISO/IEC 8825
29、-1 ISO/IEC 8825-1. Technical Corrigendum 1:2010 to CAN/CSA-ISO/IEC 11770-4-07ISO/IEC 11770-4:2006/Cor.1:2009(E) 2 ISO/IEC 2009 All rights reservedPage 33, Bibliography Add the following at the end of the bibliography: ISO/IEC 8825-1 ISO/IEC 8825-1, Information technology ASN.1 encoding rules: Specif
30、ication of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Technical Corrigendum 1:2010 to CAN/CSA-ISO/IEC 11770-4-07Copyright NoticeThis Amendment to the International Standard contains information copyright protected by the International Organizati
31、on for Standardization (ISO) and the International Electrotechnical Commission (IEC). Except as permitted under the laws of Canada, no extract of this Amendment to the International Standard may be reproduced, stored in any retrieval system, or transmitted in any form or by any means, electronic, ph
32、otocopying, recording, or otherwise, without prior permission from the Standards Council of Canada (SCC). Requests for permission to reproduce this Amendment to the International Standard or parts thereof should be addressed to Manager, Technical Document Centre Standards Council of Canada 270 Alber
33、t Street, Suite 200 Ottawa, Ontario K1P 6N7 The Canadian adoption of this Amendment to the International Standard contains information copyright protected by the Canadian Standards Association. All rights reserved. No part of this adopted Amendment may be reproduced in any form whatsoever without th
34、e prior permission of the publisher. ISO/IEC material is reprinted with permission. Requests for permission to reproduce this adopted Amendment or parts thereof should be addressed to Manager, Sales Canadian Standards Association 5060 Spectrum Way, Suite 100 Mississauga, Ontario L4W 5N6Copyright vio
35、lators will be prosecuted to the full extent of the law.PRINTED IN CANADAIMPRIMEAU CANADA100%The Canadian Standards Association (CSA) prints its publications on Rolland Enviro100, which contains 100% recycled post-consumer fibre, is EcoLogo and Processed Chlorine Free certified, and was manufactured
36、 using biogas energy.The Canadian Standards Association (CSA),under whose auspices this National Standard has been produced, was chartered in 1919 and accredited by the Standards Council of Canada to the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary membership as
37、sociation engaged in standards development and certification activities. CSA standards reflect a national consensus of producers and users including manufacturers, consumers, retailers, unions and professional organizations, and governmental agencies. The standards are used widely by industry and co
38、mmerce and often adopted by municipal, provincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. Individuals, companies, and associations across Canada indicate their support for CSAs standards development
39、by volunteering their time and skills to CSA Committee work and supporting the Associations objectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining memberships together form CSAs total membership from which its Directors are chosen. Sustaining membe
40、rships represent a major source of income for CSAs standards development activities. The Association offers certification and testing services in support of and as an extension to its standards development activities. To ensure the integrity of its certification process, the Association regularly an
41、d continually audits and inspects products that bear the CSA Mark. In addition to its head office and laboratory complex in Toronto, CSA has regional branch offices in major centres across Canada and inspection and testing agencies in eight countries. Since 1919, the Association has developed the ne
42、cessary expertise to meet its corporate mission: CSA is an independent service organization whose mission is to provide an open and effective forum for activities facilitating the exchange of goods and services through the use of standards, certification and related services to meet national and int
43、ernational needs.For further information on CSA services, write toCanadian Standards Association5060 Spectrum Way, Suite 100Mississauga, Ontario, L4W 5N6CanadaThe Standards Council of Canada (SCC) is thecoordinating body of the National StandardsSystem, a coalition of independent, autonomousorganiza
44、tions working towards the furtherdevelopment and improvement of voluntarystandardization in the national interest.The principal objects of the SCC are to fosterand promote voluntary standardization as a meansof advancing the national economy, benefiting thehealth, safety, and welfare of the public,
45、assistingand protecting the consumer, facilitating domesticand international trade, and furthering internationalcooperation in the field of standards.A National Standard of Canada (NSC) is a standardprepared or reviewed by an accredited Standards Development Organization (SDO) and approved by the SC
46、C according to the requirements of CAN-P-2. Approval does not refer to the technical content of the standard; this remains the continuing responsibility of the SDO. An NSC reflects a consensus of a number of capable individuals whose collective interests provide, to the greatest practicable extent,
47、a balance of representation of general interests, producers, regulators, users (including consumers), and others with relevant interests, as may be appropriate to the subject in hand. It normally is a standard which is capable of making a significant and timely contribution to the national interest.
48、Those who have a need to apply standards areencouraged to use NSCs. These standards are subjectto periodic review. Users of NSCs are cautionedto obtain the latest edition from the SDO which publishes the standard.The responsibility for approving standards as National Standards of Canada rests with t
49、heStandards Council of Canada270 Albert Street, Suite 200Ottawa, Ontario, K1P 6N7CanadaAlthough the intended primary application of this Standard is stated in its Scope, it is importantto note that it remains the responsibility of the users to judge its suitability for their particular purpose.Registered trade-mark of Canadian Standards AssociationCette norme est offerte en anglais seulement pour le moment. La CSA
