ISO/IEC 11770-3-2008 信息技术.安全技术.密钥管理.第3部分:使用不对称技术的机制
作者:标准资料网
时间:2024-05-12 15:34:02
浏览:8724
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-Securitytechniques-Keymanagement-Part3:Mechanismsusingasymmetrictechniques
【原文标准名称】:信息技术.安全技术.密钥管理.第3部分:使用不对称技术的机制
【标准号】:ISO/IEC11770-3-2008
【标准状态】:现行
【国别】:国际
【发布日期】:2008-07
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:算法;不对称的;校验;代号系统;编码;密码;数据处理;数据保护;数据传输;定义;信息交换;信息技术;IT安全;安全工程
【英文主题词】:Algorithms;Asymmetrical;Authentication;Codesystems;Coding;Cryptographic;Dataprocessing;Dataprotection;Datatransmission;Definitions;Informationinterchange;Informationtechnology;ITsecurity;Safetyengineering
【摘要】:ThispartofISO/IEC11770defineskeymanagementmechanismsbasedonasymmetriccryptographictechniques.Itspecificallyaddressestheuseofasymmetrictechniquestoachievethefollowinggoals.1)EstablishasharedsecretkeyforasymmetriccryptographictechniquebetweentwoentitiesAandBbykeyagreement.Inasecretkeyagreementmechanism,thesecretkeyistheresultofadataexchangebetweenthetwoentitiesAandB.Neitherofthemcanpredeterminethevalueofthesharedsecretkey.2)EstablishasharedsecretkeyforasymmetriccryptographictechniquebetweentwoentitiesAandBbykeytransport.Inasecretkeytransportmechanism,thesecretkeyischosenbyoneentityAandistransferredtoanotherentityB,suitablyprotectedbyasymmetrictechniques.3)Makeanentity'spublickeyavailabletootherentitiesbykeytransport.Inapublickeytransportmechanism,thepublickeyofentityAmustbetransferredtootherentitiesinanauthenticatedway,butnotrequiringsecrecy.SomeofthemechanismsofthispartofISO/IEC11770arebasedonthecorrespondingauthenticationmechanismsinISO/IEC9798-3.ThispartofISO/IEC11770doesnotcoveraspectsofkeymanagementsuchas--keylifecyclemanagement,--mechanismstogenerateorvalidateasymmetrickeypairs,--mechanismstostore,archive,delete,destroy,etc.keys.WhilethispartofISO/IEC11770doesnotexplicitlycoverthedistributionofanentity'sprivatekey(ofanasymmetrickeypair)fromatrustedthirdpartytoarequestingentity,thekeytransportmechanismsdescribedcanbeusedtoachievethis.Aprivatekeycaninallcasesbedistributedwiththesemechanismswhereanexisting,non-compromisedkeyalreadyexists.However,inpracticethedistributionofprivatekeysisusuallyamanualprocessthatreliesontechnologicalmeanslikesmartcards,etc.ThispartofISO/IEC11770doesnotcovertheimplementationsofthetransformationsusedinthekeymanagementmechanisms.NOTEToachieveauthenticityofkeymanagementmessages,itispossibletomakeprovisionsforauthenticitywithinthekeyestablishmentprotocolortouseapublickeysignaturesystemtosignthekeyexchangemessages.
【中国标准分类号】:L04
【国际标准分类号】:35_040
【页数】:89P.;A4
【正文语种】:英语
【原文标准名称】:信息技术.安全技术.密钥管理.第3部分:使用不对称技术的机制
【标准号】:ISO/IEC11770-3-2008
【标准状态】:现行
【国别】:国际
【发布日期】:2008-07
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:算法;不对称的;校验;代号系统;编码;密码;数据处理;数据保护;数据传输;定义;信息交换;信息技术;IT安全;安全工程
【英文主题词】:Algorithms;Asymmetrical;Authentication;Codesystems;Coding;Cryptographic;Dataprocessing;Dataprotection;Datatransmission;Definitions;Informationinterchange;Informationtechnology;ITsecurity;Safetyengineering
【摘要】:ThispartofISO/IEC11770defineskeymanagementmechanismsbasedonasymmetriccryptographictechniques.Itspecificallyaddressestheuseofasymmetrictechniquestoachievethefollowinggoals.1)EstablishasharedsecretkeyforasymmetriccryptographictechniquebetweentwoentitiesAandBbykeyagreement.Inasecretkeyagreementmechanism,thesecretkeyistheresultofadataexchangebetweenthetwoentitiesAandB.Neitherofthemcanpredeterminethevalueofthesharedsecretkey.2)EstablishasharedsecretkeyforasymmetriccryptographictechniquebetweentwoentitiesAandBbykeytransport.Inasecretkeytransportmechanism,thesecretkeyischosenbyoneentityAandistransferredtoanotherentityB,suitablyprotectedbyasymmetrictechniques.3)Makeanentity'spublickeyavailabletootherentitiesbykeytransport.Inapublickeytransportmechanism,thepublickeyofentityAmustbetransferredtootherentitiesinanauthenticatedway,butnotrequiringsecrecy.SomeofthemechanismsofthispartofISO/IEC11770arebasedonthecorrespondingauthenticationmechanismsinISO/IEC9798-3.ThispartofISO/IEC11770doesnotcoveraspectsofkeymanagementsuchas--keylifecyclemanagement,--mechanismstogenerateorvalidateasymmetrickeypairs,--mechanismstostore,archive,delete,destroy,etc.keys.WhilethispartofISO/IEC11770doesnotexplicitlycoverthedistributionofanentity'sprivatekey(ofanasymmetrickeypair)fromatrustedthirdpartytoarequestingentity,thekeytransportmechanismsdescribedcanbeusedtoachievethis.Aprivatekeycaninallcasesbedistributedwiththesemechanismswhereanexisting,non-compromisedkeyalreadyexists.However,inpracticethedistributionofprivatekeysisusuallyamanualprocessthatreliesontechnologicalmeanslikesmartcards,etc.ThispartofISO/IEC11770doesnotcovertheimplementationsofthetransformationsusedinthekeymanagementmechanisms.NOTEToachieveauthenticityofkeymanagementmessages,itispossibletomakeprovisionsforauthenticitywithinthekeyestablishmentprotocolortouseapublickeysignaturesystemtosignthekeyexchangemessages.
【中国标准分类号】:L04
【国际标准分类号】:35_040
【页数】:89P.;A4
【正文语种】:英语
下载地址:
点击此处下载