ANSI IEEE 1363.2-2008 Specifications for Password-Based Public-Key Cryptographic Techniques (IEEE Computer Society)《基于密码的公钥加密技术用标准规范》.pdf

1、IEEE Std 1363.2-2008IEEE Standard Specifications forPassword-Based Public-KeyCryptographic TechniquesIEEE3 Park Avenue New York, NY 10016-5997, USA29 January 2009IEEE Computer SocietySponsored by theMicroprocessor Standards Committee 1363.2TMThis is a copyrighted IEEE Standard. For personal or stand

2、ards development use only. This is a copyrighted IEEE Standard. For personal or standards development use only. IEEE Std 1363.2-2008IEEE Standard Specifications for Password-Based Public-Key Cryptographic TechniquesSponsorMicroprocessor Standards Committeeof theIEEE Computer SocietyApproved 26 Septe

3、mber 2008IEEE-SA Standards BoardApproved 2 February 2009American National Standards InstituteThis is a copyrighted IEEE Standard. For personal or standards development use only. Abstract: This standard covers specifications of public-key cryptographic techniques for password-based authentication and

4、 key establishment, supplemental to the techniques described in IEEE Std 1363-2000 and IEEE Std 1363a-2004. It is intended as a companion standard to IEEE Std 1363-2000 and IEEE Std 1363a-2004. It includes specifications of primitives and schemes designed to utilize passwords and other low-grade sec

5、rets as a basis for securing electronic transactions, including schemes for password-authenticated key agreement and password-authenticated key retrieval. Keywords: authentication, key agreement, password, public-key cryptography The Institute of Electrical and Electronics Engineers, Inc. 3 Park Ave

6、nue, New York, NY 10016-5997, USA Copyright 2009 by the Institute of Electrical and Electronics Engineers, Inc. All rights reserved. Published 29 January 2009. Printed in the United States of America. 2ndPrinting 12 June 2009. The following ISBNs were incorrect in the 1stPrinting on 29 January 2009.

7、 PDF: ISBN 978-0-7381-5806-8 STD95824 Print: ISBN 978-0-7381-5807-5 STDPD95824 The correct ISBNs are: PDF: ISBN 978-0-7381-6016-0 STD95824 Print: ISBN 978-0-7381-6017-7 STDPD95824 IEEE is a registered trademark in the U.S. Patent +1 978 750 8400. Permission to photocopy portions of any individual st

8、andard for educational classroom use can also be obtained through the Copyright Clearance Center. This is a copyrighted IEEE Standard. For personal or standards development use only. iv Copyright 2009 IEEE. All rights reserved. Introduction This introduction is not part of IEEE Std 1363.2-2008, IEEE

9、 Standard Specification for Password-Based Public-Key Cryptographic Techniques. The history of the IEEE P1363.2aproject began in late 1996 with a presentation to the IEEE P1363 Working Group of a password-based public-key method for key agreement. Originally submitted as material for potential inclu

10、sion in the P1363 document, which later became IEEE Std 1363-2000,bthis class of technique was deemed to be sufficiently interesting and yet sufficiently different from the original focus of the IEEE P1363 Working Group as to merit further study to determine how it should be addressed. At that time,

11、 the techniques included in the P1363 draft were fairly stable; however, there were also other additional techniques that had been submitted to the Working Group that warranted further study and consideration. The P1363a project became the entry point for newly proposed methods that were similar in

12、function to and in the same mathematical families as methods in the P1363 project, which focused on key exchange, digital signature, and public-key encryption schemes in the integer factorization, discrete logarithm (DL), and elliptic curve (EC) families. Work on P1363a progressed while IEEE Std 136

13、3-2000 was solidified and prepared for the IEEE balloting process. In time, the Working Group similarly chose to close P1363a to additional techniques and prepare it for ballot, leaving standardization of additional techniques to future standards. P1363a resulted in the IEEE Std 1363a-2004 amendment

14、. Throughout the process of creating these standards, the Working Group continued to receive numerous submissions of creative, useful, and well-designed public-key cryptographic techniques, including password-based techniques. To address the number of submitted techniques that fell outside the funct

15、ional or familial scope of both IEEE Std 1363-2000 and IEEE Std 1363a-2004, the Microprocessor Standards Committee (MSC) commissioned a study group, in which many of the IEEE P1363 Working Group members participated, to explore the possibility of creating additional standards related to public-key c

16、ryptography. In late 2000, the Working Group began work on P1363.2 (password-based public-key cryptographic techniques) and P1363.1 (public-key cryptographic techniques based on hard problems over lattices). The Working Group has also begun work on P1363.3 (identity-based cryptographic techniques us

17、ing pairings) and has discussed other potential projects to continue the work from IEEE Std 1363a-2004. The IEEE P1363 Working Group continues to be an excellent forum for experts to discuss technical and standardization issues associated with public-key cryptography. It has provided a focal point f

18、or the presentation of new developments in public-key cryptography and remains a source for up-to-date information on the topic. For the duration of its existence, the Working Group intends to maintain a Web site that will support all of the IEEE 1363 standards and current projects.cThe IEEE P1363 W

19、orking Group would once again like to thank all of the participants and outside experts that have contributed to this standard, to the development of public-key technology and to the P1363 process. aThe P indicates an IEEE authorized standards project that was not approved by the IEEE-SA Standards B

20、oard at the time the Working Group was formed. bInformation on references can be found in Clause 2. cInformation can be found at: http:/grouper.ieee.org/groups/1363/index.html. This is a copyrighted IEEE Standard. For personal or standards development use only. v Copyright 2009 IEEE. All rights rese

21、rved. Notice to users Laws and regulations Users of these documents should consult all applicable laws and regulations. Compliance with the provisions of this standard does not imply compliance to any applicable regulatory requirements. Implementers of the standard are responsible for observing or r

22、eferring to the applicable regulatory requirements. IEEE does not, by the publication of its standards, intend to urge action that is not in compliance with applicable laws, and these documents may not be construed as doing so. Copyrights This document is copyrighted by the IEEE. It is made availabl

23、e for a wide variety of both public and private uses. These include both use, by reference, in laws and regulations, and use in private self-regulation, standardization, and the promotion of engineering practices and methods. By making this document available for use and adoption by public authoriti

24、es and private users, the IEEE does not waive any rights in copyright to this document. Updating of IEEE documents Users of IEEE standards should be aware that these documents may be superseded at any time by the issuance of new editions or may be amended from time to time through the issuance of am

25、endments, corrigenda, or errata. An official IEEE document at any point in time consists of the current edition of the document together with any amendments, corrigenda, or errata then in effect. In order to determine whether a given document is the current edition and whether it has been amended th

26、rough the issuance of amendments, corrigenda, or errata, visit the IEEE Standards Association Web site at http:/ieeexplore.ieee.org/xpl/standards.jsp, or contact the IEEE at the address listed previously. For more information about the IEEE Standards Association or the IEEE standards development pro

27、cess, visit the IEEE-SA Web site at http:/standards.ieee.org. Errata Errata, if any, for this and all other standards can be accessed at the following URL: http:/standards.ieee.org/reading/ieee/updates/errata/index.html. Users are encouraged to check this URL for errata periodically. Interpretations

28、 Current interpretations can be accessed at the following URL: http:/standards.ieee.org/reading/ieee/interp/ index.html. This is a copyrighted IEEE Standard. For personal or standards development use only. vi Copyright 2009 IEEE. All rights reserved. Patents Attention is called to the possibility th

29、at implementation of this standard may require use of subject matter covered by patent rights. By publication of this standard, no position is taken with respect to the existence or validity of any patent rights in connection therewith. A patent holder or patent applicant has filed a statement of as

30、surance that it will grant licenses under these rights without compensation or under reasonable rates, with reasonable terms and conditions that are demonstrably free of any unfair discrimination to applicants desiring to obtain such licenses. Other Essential Patent Claims may exist for which a stat

31、ement of assurance has not been received. The IEEE is not responsible for identifying Essential Patent Claims for which a license may be required, for conducting inquiries into the legal validity or scope of Patents Claims, or determining whether any licensing terms or conditions provided in connect

32、ion with submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory. Users of this standard are expressly advised that determination of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsi

33、bility. Further information may be obtained from the IEEE Standards Association. Participants At the time this standard was submitted to the IEEE-SA Standards Board for approval, the IEEE P1363 Working Group had the following membership: William Whyte, Chair Don B. Johnson, Vice Chair Mike Brenner,

34、Primary Editor David Jablon, 1363.2 Project Editor Guido Appenzeller Xavier Boyen Daniel Brown Mark Chimley Andy Dancer Luther Martin Roger Schlafly Hovav Shacham Ari Singer Jerry Solinas Terence Spies Yongge Wang In addition, the Working Group would like to thank the following people for their cont

35、ributions to the standard: Wole Akpose Kendall Ananyi Mihir Bellare Liqun Chen Wei Dai Warwick Ford Eric Fung Craig Gentry Jim Hughes Bill Jennings Burt Kaliski Pieter Kasselman Jonathan Katz David Kravitz Hugo Krawczyk Taekyoung Kwon Philip D. MacKenzie James H Manger Chris Mitchell Rafail Ostrovsk

36、y Zulfikar Ramzan Phil Rogaway Victor Shoup Ram Swaminathan Michael Wiener Tom Wu Kim-Ee Yeoh Moti Yung The Working Group apologizes for any inadvertent omissions from the preceding lists. Please note that inclusion of a persons name does not imply that the person agrees with all the materials in th

37、e standard. This is a copyrighted IEEE Standard. For personal or standards development use only. vii Copyright 2009 IEEE. All rights reserved. The following members of the individual balloting committee voted on this standard. Balloters may have voted for approval, disapproval, or abstention. Matthe

38、w Ball Mike Brenner Juan Carreon Weijen Chen Keith Chow Tommy Cooper Andy Dancer James Davis Yaacov Fenster Michael Geipel Randall Groves Werner Hoelzl Atsushi Ito David Jablon Raj Jain Piotr Karocki William Lumpkins G. Luri Philip D. MacKenzie Michael Markowitz Edward McCall Earl Meiers Gary Michel

39、 Apurva Mody Michael S. Newman Nick S. A. Nikjoo Vikram Punj Robert Robinson Fernando Lucas Rodriguez Michael Rush Suman Sharma Gil Shultz Steven Smith Thomas Starai Rene Struik Gerald Stueve Mark-Rene Uchida William Whyte Oren Yuen Janusz Zalewski When the IEEE-SA Standards Board approved this stan

40、dard on 26 September 2008, it had the following membership: Robert M. Grow, Chair Thomas Prevost, Vice Chair Steve M. Mills, Past Chair Judith Gorman, Secretary Victor Berman Richard DeBlasio Andy Drozd Mark Epstein Alexander Gelman William R. Goldbach Arnold M. Greenspan Kenneth S. Hanus Jim Hughes

41、 Richard H. Hulett Young Kyun Kim Joseph L. Koepfinger* John Kulick David J. Law Glenn Parsons Ronald C. Petersen Chuck Powers Narayanan Ramachandran Jon Walter Rosdahl Anne-Marie Sahazizian Malcolm V. Thaden Howard L. Wolfman Don Wright*Member Emeritus Also included are the following nonvoting IEEE

42、-SA Standards Board liaisons: Satish K. Aggarwal, NRC Representative Michael Janezic, NIST Representative Lorraine Patsco IEEE Standards Program Manager, Document Development Malia Zaman IEEE Standards Program Manager, Technical Program Development This is a copyrighted IEEE Standard. For personal or standards development use only.