ImageVerifierCode 换一换
格式:PDF , 页数:26 ,大小:122.59KB ,
资源ID:435975      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-435975.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI INCITS ISO IEC 10118-2-2000 Information technology - Security techniques - Hash-functions - Part 2 Hash-functions using an n-bit block cipher.pdf)为本站会员(brainfellow396)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI INCITS ISO IEC 10118-2-2000 Information technology - Security techniques - Hash-functions - Part 2 Hash-functions using an n-bit block cipher.pdf

1、Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.Date of ANSI Approval: 8/1/2001Published by American National Standards Institute,25 West 43rd Street, New York, New York 10036Copyright 2003 by Information Technology Industry Council (

2、ITI).All rights reserved.These materials are subject to copyright claims of International Standardization Organization (ISO), InternationalElectrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council(ITI). Not for resale. No part of thi

3、s publication may be reproduced in any form, including an electronic retrieval system, withoutthe prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW,Washington, DC 20005.Printed in the United States of AmericaReference numberISO/I

4、EC 10118-2:2000(E)ISO/IEC 2000INTERNATIONALSTANDARDISO/IEC10118-2Second edition2000-12-15Information technology Securitytechniques Hash-functions Part 2:Hash-functions using an n-bit block cipherTechnologies de linformation Techniques de scurit Fonctions debrouillage Partie 2: Fonctions de brouillag

5、e utilisant un chiffrement par blocs de n bitsISO/IEC 10118-2:2000(E)PDF disclaimerThis PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall notbe edited unless the typefaces which are embedded are licensed to and installed

6、 on the computer performing the editing. In downloading thisfile, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in thisarea.Adobe is a trademark of Adobe Systems Incorporated.Details of the software products used

7、 to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameterswere optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely eventthat a problem relating to it is found, please info

8、rm the Central Secretariat at the address given below. ISO/IEC 2000All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronicor mechanical, including photocopying and microfilm, without permission in writing from

9、 either ISO at the address below or ISOs member bodyin the country of the requester.ISO copyright officeCase postale 56 Gb7 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightiso.chWeb www.iso.chPrinted in Switzerlandii ISO/IEC 2000 All rights reservedISO/IEC 10118-2:2000(E)

10、 ISO/IEC 2000 All rights reserved iiiContents PageForeword.ivIntroduction.v1 Scope 12 Normative references 13 Terms and definitions .14 Symbols and abbreviated terms 15 Use of the general model 26 Hash-function one .26.1 Parameter selection.26.2 Padding method.26.3 Initializing value .26.4 Round-fun

11、ction 26.5 Output transformation.37 Hash-function two .37.1 Parameter selection.37.2 Padding method.37.3 Initializing value .37.4 Round-function 47.5 Output transformation.58 Hash-function three.58.1 General58.2 Parameter selection.58.3 Padding method.58.4 Initializing value .68.5 Round-function 68.

12、6 Output transformation.89 Hash-function four.89.1 General89.2 Parameter selection.89.3 Padding method.89.4 Initializing value .89.5 Round-function 89.6 Output transformation.10Annex A (informative) Use of DEA.11Annex B (informative) Examples .14Bibliography19ISO/IEC 10118-2:2000(E)iv ISO/IEC 2000 A

13、ll rights reservedForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)form the specialized system for worldwide standardization. National bodies that are members of ISO or IECparticipate in the development of International Standards

14、 through technical committees established by therespective organization to deal with particular fields of technical activity. ISO and IEC technical committeescollaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, inliaison with ISO and IEC, al

15、so take part in the work.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.Draft International Standards adopted by the joint technic

16、al committee are circulated to national bodies for voting.Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.International Standard ISO/IEC 10118-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informationtechnology, Subcommit

17、tee SC 27, IT Security techniques.This second edition cancels and replaces the first edition (ISO/IEC 10118-2:1994), which has been technicallyrevised to conform to the general model described in ISO/IEC 10118-1, and to add two additional hash-functions.Note, however, that implementations which comp

18、ly with ISO/IEC 10118-2:1994 will be compliant with this edition ofISO/IEC 10118-2.ISO/IEC 10118 consists of the following parts, under the general title Information technology Securitytechniques Hash-functions: Part 1: General Part 2: Hash-functions using an n-bit block cipher Part 3: Dedicated has

19、h-functions Part 4: Hash-functions using modular arithmeticAnnexes A and B of this part of ISO/IEC 10118 are for information only.ISO/IEC 10118-2:2000(E) ISO/IEC 2000 All rights reserved vIntroductionThe International Organization for Standardization (ISO) and the International Electrotechnical Comm

20、ission (IEC)draw attention to the fact that it is claimed that compliance with this part of ISO/IEC 10118 may involve the use of apatent concerning the “Data Authentication Using Modification Detection Codes Based on a Public One WayEncryption Function,” (U.S. Patent 4,908,861 issued 1990-03-13).ISO

21、 and IEC take no position concerning the evidence, validity and scope of this patent right.The holder of this patent right has assured ISO and IEC that he is willing to negotiate licences under reasonableand non-discriminatory terms and conditions with applicants throughout the world. In this respec

22、t, the statement ofthe holder of this patent right is registered with ISO and IEC. Information may be obtained from:Director of LicensingInternational Business Machnies Corporation500 Columbus AvenueThornwood, NY 10594U.S.A.Attention is drawn to the possibility that some of the elements of this part

23、 of ISO/IEC 10118 may be the subject ofpatent rights other than those identified above. ISO and IEC shall not be held responsible for identifying any or allsuch patent rights.INTERNATIONAL STANDARD ISO/IEC 10118-2:2000(E) ISO/IEC 2000 All rights reserved 1Information technology Security techniques H

24、ash-functions Part 2:Hash-functions using an n-bit block cipher1 ScopeThis part of ISO/IEC 10118 specifies hash-functions which make use of an n-bit block cipher algorithm. They aretherefore suitable for an environment in which such an algorithm is already implemented.Four hash-functions are specifi

25、ed. The first provides hash-codes of length smaller than or equal to n,wheren is theblock-length of the algorithm used. The second provides hash-codes of length less than or equal to 2n;thethirdprovides hash-codes of length equal to 2n; and the fourth provides hash-codes of length 3n. All four of th

26、e hash-functions specified in this part of ISO/IEC 10118 conform to the general model specified in ISO/IEC 10118-1.2 Normative referencesThe following normative documents contain provisions which, through reference in this text, constitute provisions ofthis part of ISO/IEC 10118. For dated reference

27、s, subsequent amendments to, or revisions of, any of thesepublications do not apply. However, parties to agreements based on this part of ISO/IEC 10118 are encouraged toinvestigate the possibility of applying the most recent editions of the normative documents indicated below. Forundated references,

28、 the latest edition of the normative document referred to applies. Members of ISO and IECmaintain registers of currently valid International Standards.ISO/IEC 10116:1997, Information technology Security techniques Modes of operation for an n-bit block cipher.ISO/IEC 10118-1:2000, Information technol

29、ogy Security techniques Hash-functions Part 1: General.3 Terms and definitionsFor the purposes of this part of ISO/IEC 10118, the terms and definitions given in ISO/IEC 10118-1 and thefollowing apply.3.1n-bit block ciphera block cipher with the property that plaintext blocks and ciphertext blocks ar

30、e n bits in length (see ISO/IEC 10116)4 Symbols and abbreviated termsFor the purposes of this part of ISO/IEC 10118, the symbols and abbreviations given in ISO/IEC 10118-1 and thefollowing apply:en-bit block cipher algorithm (see ISO/IEC 10116)K Key for the algorithm e (see ISO/IEC 10116)ISO/IEC 101

31、18-2:2000(E)2 ISO/IEC 2000 All rights reservedeK(P) Operation of encipherment using the algorithm e and the key K (see ISO/IEC 10116) on plaintext Pu or uGa2 Transformation of one n-bit block into a key for the algorithm eBLWhen n is even, the string composed of the n/2 leftmost bits of the block B.

32、 When n is odd, the stringcomposed of the (n+1)/2 leftmost bits of the block BBRWhen n is even, the string composed of the n/2 rightmost bits of the block B. When n is odd, the stringcomposed of the (n-1)/2 rightmost bits of the block BBxWhen B is a string of nm-bit blocks, Bxrepresents the x-th m-b

33、it block of BBx-yWhen B is a string of nm-bit blocks, Bx-yrepresents the x-th through the y-th m-bit blocks of B5 Use of the general modelThe hash-functions specified in the next four clauses provide hash-codes H of length LH. The hash-functionconforms to the general model specified in ISO/IEC 10118

34、-1. For each of the four hash-functions that follow, it istherefore only necessary to specify:Gbe the parameters L1, L2;Gbe the padding method;Gbe the initializing value IV;Gbe the round-function G66;Gbe the output transformation T.The use of a hash-function defined using the general model will also

35、 require the selection of the parameter LH.6 Hash-function one6.1 Parameter selectionThe parameters L1and L2and LHfor the hash-function specified in this clause shall satisfy L1= L2= n,andLHisless than or equal to n.6.2 Padding methodThe selection of the padding method for use with this hash-functio

36、n is beyond the scope of this part ofISO/IEC 10118. Examples of padding methods are presented in annex A of ISO/IEC 10118-1:2000.6.3 Initializing valueThe selection of the IV for use with this hash-function is beyond the scope of this part of ISO/IEC 10118. The valueof the IV shall be agreed upon an

37、d fixed by the users of the hash-function.6.4 Round-functionThe round-function G66 combines a padded data block Di(of L1= n-bits) with Hi-1, the previous output of the round-function (of L2= n bits), to yield Hi. As part of the round-function it is necessary to choose a function u,whichtransforms an

38、 n-bit block into a key for use with the block cipher algorithm e. The selection of the function u for usewith this hash-function is outside the scope of this part of ISO/IEC 10118 (see annex A for guidance).ISO/IEC 10118-2:2000(E) ISO/IEC 2000 All rights reserved 3The round-function itself is defin

39、ed as follows:G66 (Dj, Hj-1)=eKj(Dj) Gc5 Djwhere Kj= u (Hj-1). The round-function is shown in Figure 1.Figure 1 Round-function of hash-function one6.5 Output transformationThe output transformation T is simply truncation, i.e., the hash-code H is derived by taking the leftmost LHbits ofthe final out

40、put block Hq.7 Hash-function two7.1 Parameter selectionThe parameters L1and L2and LHfor the hash-function specified in this clause shall satisfy L1= n, L2=2n, and LHisless than or equal to 2n.7.2 Padding methodThe selection of the padding method for use with this hash-function is beyond the scope of

41、 this part ofISO/IEC 10118. Examples of padding methods are presented in annex A of ISO/IEC 10118-1:2000.7.3 Initializing valueThe selection of the IV (of length 2n) for use with this hash-function is beyond the scope of this part ofISO/IEC 10118. The value of the IV shall be agreed upon and fixed b

42、y the users of the hash-function. However, theIV shall be selected such that u(IVL) and u(IVR) are different.euHj-1KjDjHjISO/IEC 10118-2:2000(E)4 ISO/IEC 2000 All rights reserved7.4 Round-functionThe round-function G66 combines a padded data block Di(of L1= n bits) with Hi-1, the previous output of

43、the round-function (of L2=2n bits), to yield Hi. As part of the round-function it is necessary to choose two transformations uand uGa2.These transformations are used to transform an output block into two suitable LKbit keys for the algorithm e.The specification of u and uGa2 is beyond the scope of t

44、his part of ISO/IEC 10118. However, it should be taken intoconsideration that the selection of u and uGa2 is important for the security of the hash-function (see annex A).Set H0Land H0Requal to IVLand IVRrespectively. The output blocks are calculated iteratively in the following way,for j =1toq:G66

45、(Dj, Hj-1)=HjKjL= u(Hj-1L)andKjR= uGa2 (Hj-1R)Bj= eKjL(Dj) Gc5 Dj, and B Ga2j= eKjR(Dj) Gc5 DjHjL= BjL| B Ga2jRand HjR=B Ga2jL| BjRThe round-function is shown in Figure 2.Figure 2 Round-function of hash-function twoHjHj-1RHj-1LHj-1Re eBjLBjRBjLBGa2jRB Ga2jLB Ga2jRBGa2jLBjRuuGa2Hj-1LKjLDjKjRHj-1HjLHj

46、RISO/IEC 10118-2:2000(E) ISO/IEC 2000 All rights reserved 57.5 Output transformationIf LHis even, the hash-code is the concatenation of the LH/2 leftmost bits of HqLand the LH/2 leftmost bits of HqR.IfLHis odd, the hash-code is the concatenation of the (LH+1)/2 leftmost bits of HqLand the (LH-1)/2 l

47、eftmost bits ofHqR.8 Hash-function threeThe hash-function specified in this clause provides hash-codes of length LH, where LHis equal to 2n for evenvalues of n.8.1 GeneralSome specific definitions that are required to specify hash-function three follow.Transformation u:Define r mappings u1, u2, , ur

48、from the ciphertext space to the key space, such that,For all i, j from the set 1,2,r, j Gb9 i, ui(C) Gb9 uj(C) for all values of C.This can be achieved by fixing specific key bits: e.g., if r = 8 one can fix three key bits to the values 000, 001, .,111. Additional conditions might be imposed upon t

49、he mappings ui, for example, to avoid the problems related toweak keys or complementation properties of the block cipher.Function fi:Define the r functions fias follows:fi(X,Y)=eui(X)(Y) Gc5 Y,1Ga3 i Ga3 r.Linear mapping G62:Define the linear mapping G62 that takes as input a 2n-bit string X = x0|x1|x2|x3and maps it to a 2n-bit string Y =y0|y1|y2|y3as follows:y0:= x0Gc5 x3y1:= x0Gc5 x1Gc5 x3y2:= x1Gc5 x2y3:= x2Gc5 x3Here xiand yjare n/2 bit strings.8.2 Parameter selectionThe parameters L1and L2and LHfor t

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1