ANSI INCITS ISO IEC 9798-6-2005 Information technology - Security techniques - Entity authentication - Part 6 Mechanisms using manual data transfer.pdf
《ANSI INCITS ISO IEC 9798-6-2005 Information technology - Security techniques - Entity authentication - Part 6 Mechanisms using manual data transfer.pdf》由会员分享,可在线阅读,更多相关《ANSI INCITS ISO IEC 9798-6-2005 Information technology - Security techniques - Entity authentication - Part 6 Mechanisms using manual data transfer.pdf(28页珍藏版)》请在麦多课文档分享上搜索。
1、INCITS/ISO/IEC 9798-6:20052008 (ISO/IEC 9798-6:2005, IDT) Information technology Security techniques Entity authentication Part 6: Mechanisms using manualdata transferINCITS/ISO/IEC 9798-6:20052008(ISO/IEC 9798-6:2005, IDT)INCITS/ISO/IEC 9798-6:20052008 ii ITIC 2008 All rights reserved PDF disclaime
2、r This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accep
3、t therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the fi
4、le; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (
5、InterNational Committee for Information Technology Standards) as an American National Standard. Date of ANSI Approval: 7/2/2008 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2008 by Information Technology Industry Council (ITI). All right
6、s reserved. These materials are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publicati
7、on may be reproduced in any form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America iiiContents PageForewordivIn
8、troductionv1 Scope . 12 Normative references . 13 Terms and definitions. 14 Symbols and abbreviated terms . 25 Requirements 36 Mechanisms using a short check-value. 46.1 General. 46.2 Mechanism 1 One device with simple input, one device with simple output 46.2.1 Requirements 46.2.2 Specification of
9、data exchanged. 46.2.3 Manual authentication certificates 56.3 Mechanism 2 Devices with simple input capabilities 66.3.1 Requirements 66.3.2 Specification of data exchanged. 67 Mechanisms using a MAC 77.1 General. 77.2 Mechanism 3 Devices with simple output capabilities 77.2.1 General. 77.2.2 Requir
10、ements 77.2.3 Specification of data exchanged in mechanism 3a. 77.2.4Specification of data exchanged in mechanism 3b97.3 Mechanism 4 One device with simple input, one device with simple output 107.3.1 General. 107.3.2 Requirements 107.3.3 Specification of data exchanged in mechanism 4a. 107.3.4 Spec
11、ification of data exchanged in mechanism 4b 11Annex A (informative) Using manual authentication protocols for the exchange of secret keys . 12A.1 General. 12A.2 Authenticated Diffie-Hellman key agreement 12A.3 Authenticated Diffie-Hellman key agreement using a manual authentication certificate . 12A
12、.3.1 General. 12A.3.2 Stage 1 . 13A.3.3 Stage 2 (initiated by either device at some later time)13A.4 More than two components . 13Annex B (informative) Using manual authentication protocols for the exchange of public keys . 14B.1 General. 14B.2 Requirements 14B.3 Private key generated in device 14B.
13、4 Private key generated externally. 15Annex C (informative) On mechanism security and choices for parameter lengths 16C.1 General. 16C.2 Use of mechanisms 1 and 2. 16C.3 Use of mechanisms 3 and 4. 17Annex D (informative) A method for generating short check-values 18D.1 General . 18Bibliography . 20I
14、NCITS/ISO/IEC 9798-6:20052008 ITIC 2008 All rights reservediv ForewordISO (the International Organization for Standardization) and IEC (the International ElectrotechnicalCommission) form the specialized system for worldwide standardization. National bodies that are members ofISO or IEC participate i
15、n the development of International Standards through technical committeesestablished by the respective organization to deal with particular fields of technical activity. ISO and IECtechnical committees collaborate in fields of mutual interest. Other international organizations, governmentaland non-g
16、overnmental, in liaison with ISO and IEC, also take part in the work. In the field of informationtechnology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.The main task
17、of the joint technical committee is to prepare International Standards. Draft InternationalStandards adopted by the joint technical committee are circulated to national bodies for voting. Publication asan International Standard requires approval by at least 75 % of the national bodies casting a vote
18、.Attention is drawn to the possibility that some of the elements of this document may be the subject of patentrights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.ISO/IEC 9798-6 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology
19、,Subcommittee SC 27, IT Security techniques.ISO/IEC 9798 consists of the following parts, under the general title Information technology Securitytechniques Entity authentication: Part 1: General Part 2: Mechanisms using symmetric encipherment algorithms Part 3: Mechanisms using digital signature tec
20、hniques Part 4: Mechanisms using a cryptographic check function Part 5: Mechanisms using zero-knowledge techniques Part 6: Mechanisms using manual data transferINCITS/ISO/IEC 9798-6:20052008 ITIC 2008 All rights reservedvIntroductionWithin networks of communicating devices it is often necessary for
21、two devices to perform an entityauthentication procedure using a channel which may be subject to both passive and active attacks, wherean active attack may include a malicious third party introducing data into the channel and/or modifying, deletingor repeating data legitimately sent on the channel.
22、Other parts of this International Standard describe entityauthentication mechanisms applicable when the two devices share a secret key, or where one device has anauthenticated copy of a public key for the other device.In this part of ISO/IEC 9798, entity authentication mechanisms, referred to as man
23、ual authenticationmechanisms, are specified where there is no such assumption of pre-established keying relationships.Instead entity authentication is achieved by manually transferring short data strings from one device to theother, or by manually comparing short data strings output by the two devic
24、es.For the purposes of this part of ISO/IEC 9798, the meaning of the term entity authentication is different to themeaning applied in other parts of ISO/IEC 9798. Instead of one device verifying that the other device has aclaimed identity (and vice versa), both devices in possession of a user verify
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ANSIINCITSISOIEC979862005INFORMATIONTECHNOLOGYSECURITYTECHNIQUESENTITYAUTHENTICATIONPART6MECHANISMSUSINGMANUALDATATRANSFERPDF

链接地址:http://www.mydoc123.com/p-436589.html