ImageVerifierCode 换一换
格式:PDF , 页数:20 ,大小:1.20MB ,
资源ID:436071      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-436071.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI INCITS ISO IEC 11770-2-1996 Information technology - Security techniques - Key management - Part 2 Mechanisms using symmetric techniques.pdf)为本站会员(eventdump275)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI INCITS ISO IEC 11770-2-1996 Information technology - Security techniques - Key management - Part 2 Mechanisms using symmetric techniques.pdf

1、INTERNATIONAL STANDARD ISO/IEC I 1770-2 First edition 1996-04-I 5 Information technology - Security techniques - Key management - Part 2: Mechanisms using symmetric techniques Technologies de /information - Techniques de s see for example IS0 8732. Besides key establishment, goals of such a mechanis

2、m may include unilateral or mutual authentication of the communicating entities. Further goals may be the verification of the integrity of the established key, or key confirmation. The following standards contain provisions which, through reference in this text, constitute provisions of this part of

3、 ISO/IEC 11770. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this part of ISO/IEC 11770 are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. Mem

4、bers of IEC and IS0 maintain registers of currently valid International Standards. IS0 7498-2: 1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture. ISO/IEC 9798-2: 1994, Information technology - Security techniques - Entity auth

5、entication - Part 2: Mechanisms using symmetric encipherment algorithms. This part of ISO/IEC 11770 addresses three environments for the establishment of keys: Point-to-Point, Key Distribution Centre (KDC) and Key Translation Centre (KTC). This part of ISOiIEC 11770 describes the required content of

6、 messages which carry keying material or are necessary to set up the conditions under which the keying material can be established. The document does not indicate other information which may be contained in the messages or specify other messages such as error messages. The explicit format of message

7、s is not within the scope of this part of ISO/IEC 11770. ISOIIEC 9798-4: 1995, Information technology - Security techniques - Entity authentication - Part 4: Mechanisms using a cryptographic check function. lSO/lEC 11770-l: - , Information technology - Security techniques - Key management - Part I:

8、Key management framework. 3 Definitions and Notation 3.1 Definitions This part of ISO/IEC 11770 does not explicitly address the issue of interdomain key management. This part of ISO/IEC 11770 also does not define the implementation of key management mechanisms; there may be different products that c

9、omply with this part of ISO/IEC 11770 and yet are not compatible. For the purposes of this part of ISO/IEC 11770 the definitions given in ISO/IEC 11770-l apply. In addition, this part of ISO/IEC 11770 makes use of the following terms: 3.1.1 distinguishing identifier: Information which unambiguously

10、distinguishes an entity. 1 To be published. 1 ISO/IEC 11770-2:1996(E) ISO/IEC 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.1.10 entity authentication: The corroboration that an entity is the one claimed. key confirmation: The assurance for one entity that another identified entity is in possess

11、ion of the correct key. key control: The ability to choose the key, or the parameters used in the key computation. key generating function: A function which takes as input a number of parameters, at least one of which shall be secret, and which gives as output keys appropriate for the intended algor

12、ithm and application. The function shall have the property that it shall be computationally infeasible to deduce the output without prior knowledge of the secret input. point-to-point key establishment: The direct establishment of keys between entities, without involving a third party. random number

13、: A time variant parameter whose value is unpredictable. redundancy: Any information that is known and can be checked. sequence number: A time variant parameter whose value is taken from a specified sequence which is non-repeating within a certain time period. time variant parameter: A data item use

14、d to verify that a message is not a replay, such as a random number, a sequence number, or a time stamp. 3.2 Notation Throughout this part of ISO/IEC 11770 the following notation is used: x is the distinguishing identifier of entity X. KDC denotes a Key Distribution Centre. KTC denotes a Key Transla

15、tion Centre. T is the distinguishing identifier of the Key Distribution Centre or the Key Translation Centre. F denotes keying material. KXY is a secret key associated with the entities X and Y. R is a random number. Rx is a random number issued by entity X. T/N is a time stamp or a sequence number.

16、 Txmx is a time stamp or a sequence number issued by entity X. TVP is a time variant parameter. TVPx eK(Z) WZ) VW) f x II y is a time variant parameter issued by entity X. is the result of the encipherment of data Z with a symmetric algorithm using the key K. is the result of the decipherment of dat

17、a Z with a symmetric algorithm using the key K. is the result of a cryptographic check function computed on data Z using the key K. vK(Z) is also called message authentication code (MAC) and may be denoted as macK(Z). denotes a key generating function. is the result of the concatenation of data item

18、s X and Y in that order. The fields Textl, Text2, . . . specified in the mechanisms may contain optional data for use in applications outside the scope of this part of ISO/IEC 11770 (they may be empty). Their relationship and contents depend upon the specific application. One such possible applicati

19、on is message authentication (see annex B for an example). Likewise, optional plaintext text fields may be prepended or appended to any of the messages. They have no security implications and are not explicitly included in the mechanisms specified in this part of ISO/IEC 11770. Data items that are o

20、ptional in the mechanisms are shown in italics. 4 Requirements The key establishment mechanisms specified in this part of ISO/IEC 11770 make use of symmetric cryptographic techniques, more specifically symmetric encipherment algorithms and/or key generating functions. The cryptographic algorithms an

21、d the key life-time shall be chosen such that it is computationally infeasible for a key to be deduced during its life-time. If the following additional requirements are not met, the key establishment process may be compromised or it cannot be implemented. For those mechanisms making use of a symmet

22、ric encipherment algorithm, either assumption a) or assumption b) is required. 4 The encipherment algorithm, its mode of operation and the redundancy in the plaintext shall provide the recipient with the means to detect forged or manipulated data. b) The integrity of the enciphered data shall be ens

23、ured by a data integrity mechanism. If a hash-function is used for this purpose the hash-code shall either be appended to the data before encipherment or be placed in a plaintext text field. ISO/IEC ISO/IEC 11770-2:1996(E) NOTES 5.1 Key Establishment Mechanism 1 1 - Modes of operation for block ciph

24、er algorithms are standardized in ISOiIEC 10116. 2 - A data integrity mechanism is standardized in ISO/IEC 9797. Hash-functions are standardized in ISO/IEC 10118. 3 - When a KDC or KTC is involved, assumptions a) and b) are not always equivalent in terms of the ability to detect unambiguously on whi

25、ch link an active attack is being performed. See Annex B for examples. In key establishment mechanism 1 the key K is derived from a time variant parameter TVP, e.g., a random number R, a time stamp T, or a sequence number N, using a key generating function. Key establishment mechanism 1 provides no

26、authentication of the key K established by the mechanism. fie mechanism requires that A is able to generate a TVP. IZI A (1) TwJ B In each exchange specified in the mechanisms of clauses 5, 6 and 7, the recipient of a message shall know the claimed identity of the originator. If this is not the case

27、 from the context in which the mechanism is being used then this could, e.g., be achieved by the inclusion of identifiers in additional plaintext text fields of certain of the messages. Keying material may be established using either secure or insecure communication channels. When using only symmetr

28、ic cryptographic techniques, at least the first key shall be exchanged between two entities using a secure channel in order to allow secure communications. The key establishment mechanisms in this part of ISO/IEC 11770 require the use of time variant parameters such as time stamps, sequence numbers,

29、 or random numbers. In this context the use of the term random number also includes unpredictable pseudo-random numbers. The properties of these parameters, in particular that they are non-repeating, are important for the security of these mechanisms. For additional information on time variant param

30、eters see Annex B of ISO/IEC 9798-2. Figure 1 - Mechanism 1 Steps: (1) A generates a random number R, a time stamp T, or a sequence number N and transfers it to B. (1 a) Both A and B then derive the key K by using a key generating function P with inputs the shared secret key KAB and the time variant

31、 parameter TVP: K = f(KAB, TVP). See Annex B for examples of possible key generating functions. NOTE - To also provide authentication, key establishment mechanism 1 may be combined with an authentication mechanism as specified in 9798-2 or 9798-4. See annex B for an example. 5 Point-to-Point Key Est

32、ablishment The basic mechanism of every key establishment scheme is point-to-point key establishment which requires that the entities already share a key so that further keys may be established directly between the entities. For the implementation of the mechanisms specified in this clause it is ass

33、umed that 5.2 Key Establishment Mechanism 2 In key establishment mechanism 2 the key K is supplied by entity A. The mechanism provides no authentication of the key K established by the mechanism nor does it provide entity authentication. l A key KAB is shared by the entities A and B. l At least one

34、of A or B is able to generate, acquire or (1) eKAB( F 11 Textf ) contribute to a secret key K as described in the individual mechanism. A 0 Security requirements are concerned with the c confidentiality of K, and modification and replay Figure 2 - Mechanism 2 detection. 3 ISO/IEC 11770-2:1996(E) 0 I

35、SO/IEC Steps: (1) A sends B the keying material F (key K and optional data) enciphered with KAn. (la) On receipt of the message, B deciphers the enciphered part and thus obtains the key K. 5.3 Key Establishment Mechanism 3 Key establishment mechanism 3 is derived from the one pass entity authenticat

36、ion mechanism of ISO/IEC 9798-2, clause 5.1.1. In this mechanism the key K is supplied by entity A. Key establishment mechanism 3 provides unilateral authentication, i.e., entity A is authenticated by the mechanism. Uniqueness/timeliness is controlled by time stamps or sequence numbers. The mechanis

37、m requires that both A and B are able to maintain mechanisms for generating or verifying the validity of time stamps T or sequence numbers N. i (1) eKAe(TlN II B II F II Textl) A Figure 3 - Mechanism 3 Steps: (1) A sends B a time stamp or sequence number T/N, the distinguishing identifier B, and the

38、 keying material F (key K and optional data). The inclusion of the distinguishing identifier B is optional. The data fields are enciphered with KAn. (la) On receipt of the message, B deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present, checks the time s

39、tamp or sequence number, and obtains the key K. NOTE - Distinguishing identifier B is included in step (1) to prevent a substitution attack, i.e., the re-use of this message by an adversary masquerading as B (see Annex A). In environments where such attacks cannot occur, the identifier may be omitte

40、d. 5.4 Key Establishment Mechanism 4 Key establishment mechanism 4 is derived from the two pass unilateral entity authentication mechanism of ISO/IEC 9798-2, clause 5.1.2. In this mechanism the key K is supplied by entity A. Key establishment mechanism 4 provides unilateral authentication, i.e., ent

41、ity A is authenticated by the mechanism. Uniqueness/timeliness is controlled by a random number RB. The mechanism requires that B is able to generate random numbers. Steps: (1) (2) (24 (1) RB (2) eKAB(RB II I3 II F II Text?) Figure 4 - Mechanism 4 B sends A a random number Rn. A sends B the received

42、 number Rn, the distinguishing identifier B, and the keying material F (key K and optional data). The inclusion of the distinguishing identifier B is optional. The data fields are enciphered with KAn. On receipt of message (2), B deciphers the enciphered part, checks the correctness of its distingui

43、shing identifier, if present, checks that the random number RB, sent to A in step (1) was used in constructing message (2), and obtains the key K. NOTE - Distinguishing identifier B is included in step (2) to prevent a substitution attack, i.e., the re-use of this message by an adversary masqueradin

44、g as B (see Annex A). In environments where such attacks cannot occur, the identifier may be omitted. 5.5 Key Establishment Mechanism 5 Key establishment mechanism 5 is derived from the two pass mutual authentication mechanism of ISO/IEC 9798-2, clause 5.2.1. This mechanism enables both A and B to c

45、ontribute part of the established key K. Key establishment mechanism 5 provides mutual authentication, i.e., both communicating entities are authenticated by the mechanism. Uniqueness/timeliness is controlled by time stamps or sequence numbers. The mechanism requires that both A and B are able to ma

46、intain mechanisms for generating and verifying the validity of time stamps T or sequence numbers N. Steps: (1) A sends B a time stamp or sequence number TA/NA, the distinguishing identifier B, and the keying material FA. The inclusion of the 0 ISO/lEC ISO/IEC 11770-2:1996(E) 3. (1) eKne(TdNn II B II

47、 FA II Text?) A (2) eKAB(TdNB II A II FB II Texf2) 0) (2) Pa) (2b) Figure 5 - Mechanism 5 distinguishing identifier B is optional. The data fields are enciphered with KAB. On receipt of message (I), B deciphers the enciphered part, checks the correctness of its distinguishing identifier, if present,

48、 and checks the time stamp or sequence number. B sends A a time stamp or sequence number TB/NB, the distinguishing identifier A, and the keying material Fe. The inclusion of the distinguishing identifier A is optional. The data fields are enciphered with KAB. On receipt of message (2) A deciphers th

49、e enciphered part, checks the correctness of its distinguishing identifier, if present, and checks the time stamp or sequence number. Both A and B derive the key K by using a key generating function f with inputs the secret keying material fields FA and FB: K = f(F this process produces the translated key. The KTC then either (4 sends the translated key back to the originator who then forwards it to the ultimate recipient, or I forwards the translated key to the ultimate recipient directly. In an environment where a KTC is used the originator shall have the ability to generate or ot

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1