ImageVerifierCode 换一换
格式:PDF , 页数:236 ,大小:1.66MB ,
资源ID:435032      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-435032.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI IEEE 1363-2000 Standard Specifications for Public-Key Cryptography (IEEE Computer Society Documents)《公钥密码的标准规范》.pdf)为本站会员(feelhesitate105)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI IEEE 1363-2000 Standard Specifications for Public-Key Cryptography (IEEE Computer Society Documents)《公钥密码的标准规范》.pdf

1、The Institute of Electrical and Electronics Engineers, Inc.3 Park Avenue, New York, NY 10016-5997, USACopyright 2000 by the Institute of Electrical and Electronics Engineers, Inc.All rights reserved. Published 25 August 2000. Printed in the United States of America.Print: ISBN 0-7381-1956-3 SH94820P

2、DF: ISBN 0-7381-1957-1 SS94820No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without the prior written permission of the publisher.IEEE Std 1363-2000IEEE Standard Specifications for Public-Key CryptographySponsorMicroprocessor Standards Com

3、mitteeof theIEEE Computer SocietyApproved 30 January 2000IEEE-SA Standards BoardApproved 27 July 2000American National Standards InstituteAbstract: This standard specifies common public-key cryptographic techniques, includingmathematical primitives for secret value (key) derivation, public-key encry

4、ption, and digitalsignatures, and cryptographic schemes based on those primitives. It also specifies relatedcryptographic parameters, public keys, and private keys. The purpose of this standard is to providea reference for specifications on a variety of techniques from which applications may select.

5、Keywords: digital signature, encryption, key agreement, public-key cryptographyIEEE Standardsdocuments are developed within the IEEE Societies and the Standards Coordinating Com-mittees of the IEEE Standards Association (IEEE-SA) Standards Board. Members of the committees servevoluntarily and withou

6、t compensation. They are not necessarily members of the Institute. The standardsdeveloped within IEEE represent a consensus of the broad expertise on the subject within the Institute aswell as those activities outside of IEEE that have expressed an interest in participating in the development ofthe

7、standard.Use of an IEEE Standard is wholly voluntary. The existence of an IEEE Standard does not imply that thereare no other ways to produce, test, measure, purchase, market, or provide other goods and services related tothe scope of the IEEE Standard. Furthermore, the viewpoint expressed at the ti

8、me a standard is approved andissued is subject to change brought about through developments in the state of the art and commentsreceived from users of the standard. Every IEEE Standard is subjected to review at least every five years forrevision or reaffirmation. When a document is more than five ye

9、ars old and has not been reaffirmed, it is rea-sonable to conclude that its contents, although still of some value, do not wholly reflect the present state ofthe art. Users are cautioned to check to determine that they have the latest edition of any IEEE Standard.Comments for revision of IEEE Standa

10、rds are welcome from any interested party, regardless of membershipaffiliation with IEEE. Suggestions for changes in documents should be in the form of a proposed change oftext, together with appropriate supporting comments.Interpretations: Occasionally questions may arise regarding the meaning of p

11、ortions of standards as theyrelate to specific applications. When the need for interpretations is brought to the attention of IEEE, theInstitute will initiate action to prepare appropriate responses. Since IEEE Standards represent a consensus ofall concerned interests, it is important to ensure that

12、 any interpretation has also received the concurrence of abalance of interests. For this reason, IEEE and the members of its societies and Standards CoordinatingCommittees are not able to provide an instant response to interpretation requests except in those cases wherethe matter has previously rece

13、ived formal consideration. Comments on standards and requests for interpretations should be addressed to:Secretary, IEEE-SA Standards Board445 Hoes LaneP.O. Box 1331Piscataway, NJ 08855-1331USAIEEE is the sole entity that may authorize the use of certification marks, trademarks, or other designation

14、s toindicate compliance with the materials set forth herein.Authorization to photocopy portions of any individual standard for internal or personal use is granted by theInstitute of Electrical and Electronics Engineers, Inc., provided that the appropriate fee is paid to CopyrightClearance Center. To

15、 arrange for payment of licensing fee, please contact Copyright Clearance Center, Cus-tomer Service, 222 Rosewood Drive, Danvers, MA 01923 USA; (978) 750-8400. Permission to photocopyportions of any individual standard for educational classroom use can also be obtained through the Copy-right Clearan

16、ce Center.Note: Attention is called to the possibility that implementation of this standard mayrequire use of subject matter covered by patent rights. By publication of this standard,no position is taken with respect to the existence or validity of any patent rights inconnection therewith. The IEEE

17、shall not be responsible for identifying patents forwhich a license may be required by an IEEE standard or for conducting inquiries intothe legal validity or scope of those patents that are brought to its attention.Copyright 2000 IEEE. All rights reserved.iiiIntroduction(This introduction is not par

18、t of IEEE Std 1363-2000, IEEE Standard Specifications for Public-Key Cryptography.)The P1363 project started as the “Standard for Rivest-Shamir-Adleman, Diffie-Hellman, and RelatedPublic-Key Cryptography,” with its first meeting held in January 1994, following a strategic initiative by theMicroproce

19、ssor Standards Committee to develop standards for cryptography.P1363s scope broadened with the inclusion of elliptic curve cryptosystems as relatedcryptography, andlater the title was changed to the current one to reflect the breadth of the effort. In mid-1996, the workinggroup decided to include th

20、ree families of techniques, based on three different hard problemsintegerfactorization, discrete logarithms over finite fields, and elliptic curve discrete logarithms. By late 1996, theset of techniques was fairly stable, with additionaltechniques deferred to the P1363a project.Most of the next two

21、years saw an increasing intensity of editing, as the Working Group sought to fulfill thescope that remained. In early 1998, the group set a schedule for completion that would bring the document toballot in late 1998, and final sections of the document were prepared.The process of developing a standa

22、rd is always a challenging one, particularly when the subject is astechnical as cryptography and the scope is as broad as proposed for P1363. Moreover, as other groups weredeveloping complementary standards at the same time as P1363, close coordination was an essential aspect.Security implies a grea

23、t deal of caution, and the Working Group was careful in its deliberations not to set any“standards” that might later lead to vulnerabilities (although, as it is pointed out elsewhere, this standard ismuch more about a framework for specifying public-key techniques, than it is about security, per se)

24、.In addition to this standard, the P1363 project has provided a number of other contributions to the computersecurity industry. First, it has presented a forum where experts can discuss general issues related topublic-key standardization. Second, through its Web page and its call for submissions to

25、P1363a, the projecthas given a focal point for the presentation of new developments in public-key technology. Third, it hashelped facilitate the open discussion of intellectual property issues in this area. And, finally, through itsdrafts, P1363 has provided reference material to a wide community of

26、 cryptographers that otherwise wasrelegated to textbooks and research papers. For the duration of its existence, the Working Group intends tomaintain a Web page containing “errata and latest information” as an additional reference to support P1363documents (see http:/grouper.ieee.org/groups/1363/ind

27、ex.html). The P1363 Working Group is grateful to the many experts who have contributed to this standard, andparticularly to those whose development of public-key technology over the past two decades has providedthe foundation for information security in the next century.ivCopyright 2000 IEEE. All ri

28、ghts reserved.ParticipantsThe active participants in the IEEE Std 1363-2000 Working Group at the time this standard was completedand balloted were as follows:Burt Kaliski, ChairTerry S. Arnold, Vice ChairRobert Schlafly, SecretaryMichael Markowitz, TreasurerYiquin Lisa Yin, Technical EditorIn additi

29、on, the Working Group would like to thank the following people for their contributions to thestandard:The Working Group apologizes for any inadvertent omissions from the above list. Please note that inclusionof a persons name on the above two lists does not imply that the person agrees with all the

30、materials in thisstandard.Benjamin AraziIan BlakeLily ChenLouis FinkelsteinWalter FumyDonald B. JohnsonShirley KawamotoTetsutaro KobayashiDavid KravitzPil Joong LeeFranck LeprevostDaniel LiemanAlfred MenezesTatsuaki OkamotoMinghua QuAnand RajanLeonid ReyzinAllen RoginskyRichard SchroeppelAri SingerJ

31、erry SolinasKazuo TakaragiAshok VadekarScott VanstoneWilliam WhyteRobert ZuccheratoMichel AbdallaRich AnkneyDavid AucsmithPaulo S. L. M. BarretoMihir BellareTom BersonSimon Blake-WilsonEric BlossomUri BlumenthalMark ChenDon CoppersmithRichard CrandallWei DaiErik De WinJean-Francois DhemWhitfield Dif

32、fie Carl EllisonAmos FiatRobert GallantJohn GilmoreRoger GolliverGary L. GraunkePhillip GriffinLouis GuillouStuart HaberShai HaleviShouichi HiroseRobert HoferDale HopkinsDavid HopwoodRussell HousleyEric HughesDavid JablonMarc JoyeAleksandar JurisicCharanjit JutlaJohn KennedyKatherine T. KislitzinCet

33、in K. KocRay KopsaRobert J. LambertPeter LandrockLaurie LawChang-Hyi LeeJong-In LimMoses LiskovWenbo MaoStephen M. MatyasPreda Mihailescu Peter MontgomeryFrancois MorainPeter NeumannMark OliverAram PerezMohammad PeyravianBart PreneelJean-Jacques QuisquaterKaren RandallRichard L. RobertsonMatt Robsha

34、w Phillip RogawayPaul RubinRainer RueppelClaus P. SchnorrMike ScottGadiel SeroussiSherry ShannonRobert D. SilvermanTim SkorickDavid SowinskiPaul Van OorschotMichael J. WienerHarold M. WilenskyThomas WuSusumu YoshidaYuliang ZhengCopyright 2000 IEEE. All rights reserved.vThe following members of the b

35、alloting committee voted on this standard:When the IEEE-SA Standards Board approved this standard on 30 January 2000, it had the followingmembership:Richard J. Holleman,ChairDonald N. Heirman,Vice ChairJudith Gorman,Secretary*Member EmeritusAlso included is the following nonvoting IEEE-SA Standards

36、Board liaison:Robert E. HebnerJennifer McClain LongmanIEEE Standards Project EditorCarlisle M. AdamsMalcolm J. AirstChristopher AllenTerry S. ArnoldGlen AtkinsSimon Blake-WilsonLily ChenJohn L. ColeErik De WinDante Del CorsoStephen L. DiamondRobert GallantPatrick S. GoniaJulio Gonzalez-SanzGary L. G

37、raunkeSandor V. HalaszJim D. IsaakDonald B. JohnsonBurt KaliskiShirley KawamotoDavid KravitzThomas M. KuriharaRobert J. LambertPil Joong LeeFranck LeprevostThomas LuedekeMichael J. MarkowitzJoseph R. MarshallSerge MisterStig Frode MjolsnesPaul S. MontagueJohn E. MontagueRoy OishiMinghua QuLeonid Rey

38、zinDavid RockwellRoger SchlaflyMarius SeritanW. Olin SibertAri SingerKeith SollersMichael SteinackerFred J. StraussKazuo TakaragiJoseph TardoMichael D. TeenerAshok VadekarPaul Van OorschotClarence M. Weaver, JrMichael J. WeinerHarold M. WilenskyForrest D. WrightCheng-Wen WuChung-Huang YangYiqun Lisa

39、 YinOren YuenRobert ZuccheratoSatish K. AggarwalDennis BodsonMark D. BowmanJames T. CarloGary R. EngmannHarold E. EpsteinJay Forster*Ruben D. GarzonJames H. GurneyLowell G. JohnsonRobert J. KennellyE. G. “Al” KienerJoseph L. Koepfinger*L. Bruce McClungDaleep C. MohlaRobert F. MunznerLouis-Franois Pa

40、uRonald C. PetersenGerald H. PetersonJohn B. PoseyGary S. RobinsonAkio TojoHans E. WeinrichDonald W. ZipseviCopyright 2000 IEEE. All rights reserved.Contents1. Overview 11.1 Scope 11.2 Purpose. 11.3 Organization of the document 22. References 23. Definitions 34. Types of cryptographic techniques 74.

41、1 General model 74.2 Primitives . 84.3 Schemes . 84.4 Additional methods 94.5 Table summary. 95. Mathematical conventions . 105.1 Mathematical notation . 115.2 Bit strings and octet strings 125.3 Finite fields 135.4 Elliptic curves and points. 145.5 Data type conversion 146. Primitives based on the

42、discrete logarithm problem 176.1 The DL setting . 176.2 Primitives . 197. Primitives based on the elliptic curve discrete logarithm problem 277.1 The EC setting 277.2 Primitives . 298. Primitives based on the integer factorization problem 378.1 The IF setting . 378.2 Primitives . 399. Key agreement

43、schemes. 469.1 General model 469.2 DL/ECKAS-DH1. 479.3 DL/ECKAS-DH2. 499.4 DL/ECKAS-MQV . 5010. Signature schemes 5110.1 General model 51Copyright 2000 IEEE. All rights reserved.vii10.2 DL/ECSSA. 5310.3 IFSSA. 5511. Encryption schemes . 5611.1 General model 5611.2 IFES . 5712. Message-encoding metho

44、ds. 5812.1 Message-encoding methods for signatures with appendix 5912.2 Message-encoding methods for encryption . 6113. Key derivation functions 6313.1 KDF1 6414. Auxiliary functions 6414.1 Hash functions . 6414.2 Mask generation functions. 65Annex A (informative) Number-theoretic background. 67A.1

45、Integer and modular arithmetic: overview. 67A.2 Integer and modular arithmetic: algorithms. 72A.3 Binary finite fields: overview 77A.4 Binary finite fields: algorithms 85A.5 Polynomials over a finite field. 91A.6 General normal bases for binary fields 94A.7 Basis conversion for binary fields 98A.8 B

46、ases for binary fields: tables and algorithms . 104A.9 Elliptic curves: overview . 115A.10 Elliptic curves: algorithms . 121A.11 Functions for elliptic curve parameter and key generation 131A.12 Functions for elliptic curve parameter and key validation. 134A.13 Class group calculations 143A.14 Compl

47、ex multiplication . 147A.15 Primality tests and proofs. 157A.16 Generation and validation of parameters and keys 162Annex B (normative) Conformance 170B.1 General model 170B.2 Conformance requirements 171B.3 Examples 173Annex C (informative) Rationale 177C.1 General. 177C.2 Keys and domain parameter

48、s. 178C.3 Schemes . 179Copyright 2000 IEEE. All rights reserved.viiiAnnex D (informative) Security considerations 182D.1 Introduction 182D.2 General principles 182D.3 Key management considerations . 184D.4 Family-specific considerations 188D.5 Scheme-specific considerations. 198D.6 Random number gen

49、eration. 208D.7 Implementation considerations 212Annex E (informative) Formats 213E.1 Overview 213E.2 Representing basic data types as octet strings . 213E.3 Representing outputs of schemes as octet strings 216Annex F (informative) Bibliography 217Copyright 2000 IEEE. All rights reserved.1IEEE Standard Specifications forPublic-Key Cryptography1. Overview1.1 ScopeThis standard covers specifications for common public-key cryptographic techniques, includingmathematical primitives for secret value (key) derivation, public-key encryption and digital signatures, andcryptographi

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1