BS ISO IEC 13888-1-2009 Information technology - Security techniques - Non-repudiation - General《信息技术 安全技术 不可否认性 概述》.pdf

1、BS ISO/IEC 13888-1:2009 ICS 35.040 NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW BRITISH STANDARD Information technology Security techniques Non-repudiation Part 1: GeneralThis British Standard was published under the authority of the Standards Policy and Strategy Committee

2、on 31 August 2009 BSI 2009 ISBN 978 0 580 59843 2 Amendments/corrigenda issued since publication Date Comments BS ISO/IEC 13888-1:2009 National foreword This British Standard is the UK implementation of ISO/IEC 13888-1:2009. It supersedes BS ISO/IEC 13888-1:2004 which is withdrawn. The UK participat

3、ion in its preparation was entrusted to Technical Committee IST/33, IT - Security techniques. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsi

4、ble for its correct application. Compliance with a British Standard cannot confer immunity from legal obligations.BS ISO/IEC 13888-1:2009Reference number ISO/IEC 13888-1:2009(E) ISO/IEC 2009INTERNATIONAL STANDARD ISO/IEC 13888-1 Third edition 2009-07-15 Information technology Security techniques Non

5、-repudiation Part 1: General Technologies de linformation Techniques de scurit Non-rpudiation Partie 1: Gnralits BS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed

6、 but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in th

7、is area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for

8、 use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2009 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utili

9、zed in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax +

10、 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2009 All rights reservedBS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved iii Contents Page Foreword iv Introduction v 1 Scope . 1 2 Normative references . 1 3 Terms and defini

11、tions. 1 4 Symbols and abbreviated terms . 8 5 Organisation of the remainder of this part of ISO/IEC 13888. 8 6 Requirements 9 7 Generic non-repudiation services. 9 7.1 Entities involved in the provision and verification of evidence. 9 7.2 Non-repudiation services. 10 8 Trusted third party involveme

12、nt 10 8.1 General. 10 8.2 Evidence generation phase . 10 8.3 Evidence transfer, storage and retrieval phase. 11 8.4 Evidence verification phase 11 9 Evidence generation and verification mechanisms 12 9.1 General. 12 9.2 Secure envelopes . 12 9.3 Digital signatures 13 9.4 Evidence verification mechan

13、ism . 13 10 Non-repudiation tokens 13 10.1 General. 13 10.2 Generic non-repudiation token . 14 10.3 Time-stamping token 15 10.4 Notarization token. 15 11 Specific non-repudiation services 15 11.1 General. 15 11.2 Non-repudiation of origin. 16 11.3 Non-repudiation of delivery. 16 11.4 Non-repudiation

14、 of submission. 16 11.5 Non-repudiation of transport. 16 12 Use of specific non-repudiation tokens in a messaging environment . 17 Bibliography . 19 BS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) iv ISO/IEC 2009 All rights reservedForeword ISO (the International Organization for Standardization) an

15、d IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal wi

16、th particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC ha

17、ve established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the join

18、t technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights.

19、 ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 13888-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. This third edition cancels and replaces the second edition (ISO/IEC 1

20、3888-1:2004), which has been technically revised. ISO/IEC 13888 consists of the following parts, under the general title Information technology Security techniques Non-repudiation: Part 1: General Part 2: Mechanisms using symmetric techniques Part 3: Mechanisms using asymmetric techniques BS ISO/IEC

21、 13888-1:2009 ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved v Introduction The goal of a non-repudiation service is to generate, collect, maintain, make available and verify evidence concerning a claimed event or action in order to resolve disputes about the occurrence or non occurrence o

22、f the event or action. This part of ISO/IEC 13888 defines a model for non-repudiation mechanisms providing evidence based on cryptographic check values generated using symmetric or asymmetric cryptographic techniques. Non-repudiation services establish evidence; evidence establishes accountability r

23、egarding a particular event or action. The entity responsible for the action, or associated with the event, with regard to which evidence is generated, is known as the evidence subject. Non-repudiation mechanisms provide protocols for the exchange of non-repudiation tokens specific to each non-repud

24、iation service. Non-repudiation tokens consist of secure envelopes and/or digital signatures and, optionally, additional data: Secure envelopes are generated by an evidence generating authority using symmetric cryptographic techniques. Digital signatures are generated by an evidence generator or an

25、evidence generating authority using asymmetric techniques. Non-repudiation tokens can be stored as non-repudiation information that can be used subsequently by disputing parties or by an adjudicator to arbitrate in disputes. Depending on the non-repudiation policy in effect for a specific applicatio

26、n, and the legal environment within which the application operates, additional information may be required to complete the non-repudiation information, for example: evidence including a trusted time-stamp provided by a time-stamping authority, evidence provided by a notary which provides assurance a

27、bout data created or the action or event performed by one or more entities. Non-repudiation can only be provided within the context of a clearly defined security policy for a particular application and its legal environment. Non-repudiation policies are described in ISO/IEC 10181-4. Specific non-rep

28、udiation mechanisms generic to the various non-repudiation services are first described and then applied to a selection of specific non-repudiation services such as: non-repudiation of origin, non-repudiation of delivery, non-repudiation of submission, non-repudiation of transport. Additional non-re

29、pudiation services mentioned in this part of ISO/IEC 13888 are: non-repudiation of creation, non-repudiation of receipt, non-repudiation of knowledge, non-repudiation of sending. BS ISO/IEC 13888-1:2009BS ISO/IEC 13888-1:2009 INTERNATIONAL STANDARD ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights res

30、erved 1 Information technology Security techniques Non-repudiation Part 1: General 1 Scope This part of ISO/IEC 13888 serves as a general model for subsequent parts specifying non-repudiation mechanisms using cryptographic techniques. ISO/IEC 13888 provides non-repudiation mechanisms for the followi

31、ng phases of non-repudiation: evidence generation; evidence transfer, storage and retrieval; and evidence verification. Dispute arbitration is outside the scope of ISO/IEC 13888. 2 Normative references The following referenced documents are indispensable for the application of this document. For dat

32、ed references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 10181-4:1997, Information technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework ISO/IEC 1

33、8014 (all parts), Information technology Security techniques Time-stamping services 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. 3.1 accountability property that ensures that the actions of an entity may be traced uniquely to the entity ISO 74

34、98-2 3.2 certificate entitys data rendered unforgeable with the private or secret key of a certification authority BS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) 2 ISO/IEC 2009 All rights reserved3.3 certification authority authority trusted by one or more users to create and assign certificates NO

35、TE 1 Adapted from ISO/IEC 9594-8:2001, 3.3.17. NOTE 2 Optionally the certification authority can create the users keys. 3.4 cryptographic check function cryptographic transformation which takes as input a secret key and an arbitrary string, and which gives a cryptographic check value as output 3.5 d

36、ata integrity property that data has not been altered or destroyed in an unauthorized manner ISO 7498-2 3.6 data origin authentication corroboration that the source of data received is as claimed ISO 7498-2 3.7 data storage means for storing information from which data is submitted for delivery, or

37、into which data is put by the delivery authority 3.8 delivery authority authority trusted by the sender to deliver the data from the sender to the receiver, and to provide the sender with evidence on the submission and transport of data upon request 3.9 digital signature data appended to, or a crypt

38、ographic transformation of, a data unit that allows the recipient of the data unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient ISO 7498-2 3.10 distinguishing identifier information which unambiguously distinguishes an entity in the non-repudia

39、tion process 3.11 evidence information which is used, either by itself or in conjunction with other information, to establish proof about an event or action NOTE Evidence does not necessarily prove the truth or existence of something (see proof) but can contribute to the establishment of such a proo

40、f. 3.12 evidence generator entity that produces non-repudiation evidence ISO/IEC 10181-4 BS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved 3 3.13 evidence user entity that uses non-repudiation evidence ISO/IEC 10181-4 3.14 evidence verifier entity that verifies non-rep

41、udiation evidence ISO/IEC 10181-4 3.15 evidence requester entity requesting evidence to be generated either by another entity or by a trusted third party 3.16 evidence subject entity responsible for the action, or associated with the event, with regard to which evidence is generated 3.17 hash-code s

42、tring of bits that is the output of a hash-function ISO/IEC 10118-1 3.18 hash-function function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties: it is computationally infeasible to find for a given output an input which maps to this output; it is c

43、omputationally infeasible to find for a given input a second input which maps to the same output ISO/IEC 10118-1 3.19 imprint string of bits, either the hash-code of a data string or the data string itself 3.20 key sequence of symbols that controls the operations of a cryptographic transformation (e

44、.g. encipherment, decipherment, cryptographic check-function computation, signature calculation, or signature verification) ISO/IEC 11770-3 3.21 monitoring authority monitor trusted third party monitoring actions and events, and that is trusted to provide evidence about what has been monitored 3.22

45、Message Authentication Code MAC string of bits which is the output of a MAC algorithm ISO/IEC 9797-1 NOTE A MAC is sometimes called a cryptographic check value (see for example ISO 7498-2). BS ISO/IEC 13888-1:2009 ISO/IEC 13888-1:2009(E) 4 ISO/IEC 2009 All rights reserved3.23 Message Authentication

46、Code algorithm MAC algorithm algorithm for computing a function that maps strings of bits and a secret key to fixed-length strings of bits, satisfying the following two properties: for any key and any input string the function can be computed efficiently; for any fixed key, and given no prior knowle

47、dge of the key, it is computationally infeasible to compute the function value on any new input string, even given knowledge of the set of input strings and corresponding function values, where the value of the ith input string may have been chosen after observing the value of the first i 1 function

48、 values NOTE 1 A MAC algorithm is sometimes called a cryptographic check function (see for example ISO 7498-2). NOTE 2 Computational feasibility depends on the users specific security requirements and environment. ISO/IEC 9797-1 3.24 non-repudiation of creation service intended to protect against an

49、 entitys false denial of having created the content of a message (i.e. being responsible for the content of a message) 3.25 non-repudiation of delivery service intended to protect against a recipients false denial of having received a message and recognised the content of a message 3.26 non-repudiation of delivery token data item which allows the originator to establish non-repudiation of delivery for a message 3.27 non-repudiation ex