ANSI INCITS ISO IEC 13888-1-2004 Information technology Security techniques Non-repudiation Part 1 General.pdf

1、INCITS/ISO/IEC 13888-1-2004 (ISO/IEC 13888-1:2004, IDT) Information technology Security techniques Non-repudiation Part 1: GeneralINCITS/ISO/IEC 13888-1-2004(ISO/IEC 13888-1:2004, IDT)INCITS/ISO/IEC 13888-1-2004 ii ITIC 2005 All rights reserved PDF disclaimer This PDF file may contain embedded typef

2、aces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infrin

3、ging Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optim

4、ized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational Committee for Information Te

5、chnology Standards) as an American National Standard. Date of ANSI Approval: 8/29/2005 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2005 by Information Technology Industry Council (ITI). All rights reserved. These materials are subject t

6、o copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publication may be reproduced in any form, includi

7、ng an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America INCITS/ISO/IEC 13888-1-2004 ITIC 2005 All rights reserved iiiContents

8、 Page Forewordv Introductionvi 1 Scope 1 2 Normative references1 3 Terms and definitions .2 3.1 Definitions from ISO 7498-22 3.2 Definitions from ISO/IEC 9594-8.2 3.3 Definitions from ISO/IEC 9797-1.2 3.4 Definitions from ISO/IEC 10118-1.2 3.5 Definitions from ISO/IEC 10181-1.2 3.6 Definitions from

9、ISO/IEC 10181-4.3 3.7 Definitions from ISO/IEC 11770-3.3 3.8 Definitions from ISO/IEC 180144 3.9 Definitions unique to this International Standard on non-repudiation 4 4 Symbols (and abbreviated terms)7 5 Organisation of the remaining part of this part of the International Standard8 6 Requirements.8

10、 7 Generic non-repudiation services .8 7.1 Entities involved in the provision and verification of evidence8 7.2 Non-repudiation services9 8 Trusted third party involvement.9 8.1 Evidence generation phase 9 8.2 Evidence transfer, storage and retrieval phase .10 8.3 Evidence verification phase .10 9 E

11、vidence generation and verification mechanisms.10 9.1 Secure envelopes 10 9.2 Digital signatures.11 9.3 Evidence verification mechanism11 10 Non-repudiation tokens 11 10.1 Generic non-repudiation token 11 10.2 Time-stamping token.12 10.3 Notarization token .12 11 Specific non-repudiation services .1

12、3 11.1 Non-repudiation of origin13 11.2 Non-repudiation of delivery13 11.3 Non-repudiation of submission .13 11.4 Non-repudiation of transport14 12 Use of specific non-repudiation tokens in a messaging environment 14 INCITS/ISO/IEC 13888-1-2004 iv ITIC 2005 All rights reservedForeword ISO (the Inter

13、national Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees establis

14、hed by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the fi

15、eld of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draf

16、t International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this

17、document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 13888-1:2004 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. This second edition

18、 cancels and replaces the first edition (ISO/IEC 13888-1:1997), which has been technically revised. ISO/IEC 13888 consists of the following parts, under the general title IT security techniques Non-repudiation: Part 1: General Part 2: Mechanisms using symmetric techniques Part 3: Mechanisms using as

19、ymmetric techniques INCITS/ISO/IEC 13888-1-2004 ITIC 2005 All rights reserved vIntroduction The goal of the non-repudiation service is to generate, collect, maintain, make available and verify evidence concerning a claimed event or action in order to resolve disputes about the occurrence or non occu

20、rrence of the event or action. This part of ISO/IEC 13888 describes a model for non-repudiation mechanisms providing evidence based on cryptographic check values generated by using symmetric or asymmetric cryptographic techniques. Non-repudiation mechanisms generic to the various non-repudiation ser

21、vices are first described and then applied to a selection of specific non-repudiation services such as: Non-repudiation of origin, Non-repudiation of delivery, Non-repudiation of submission, Non-repudiation of transport. Non-repudiation services establish evidence: evidence establishes accountabilit

22、y regarding a particular event or action. The entity responsible for the action, or associated with the event, with regard to which evidence is generated, is known as the evidence subject. There are two main types of evidence the nature of which depends on cryptographic techniques employed: Secure e

23、nvelopes generated by an evidence generating authority using symmetric cryptographic techniques, Digital signatures generated by an evidence generator or an evidence generating authority using asymmetric cryptographic techniques. Non-repudiation mechanisms provide protocols for the exchange of non-r

24、epudiation tokens specific to each non-repudiation service. Non-repudiation tokens consist of secure envelopes and/or digital signatures and, optionally, of additional data. Non-repudiation tokens may be stored as non-repudiation information that may be used subsequently by disputing parties or by a

25、n adjudicator to arbitrate in disputes. Depending on the non-repudiation policy in effect for a specific application, and the legal environment within which the application operates, additional information may be required to complete the non-repudiation information, e.g., Evidence including a truste

26、d time-stamp provided by a time-stamping authority, Evidence provided by a notary which provides assurance about data created or the action or event performed by one or more entities. Non-repudiation can only be provided within the context of a clearly defined security policy for a particular applic

27、ation and its legal environment. Non-repudiation policies are described in ISO/IEC 10181-4. ITIC 2005 All rights reserved 11 Scope This part of ISO/IEC 13888 serves as a general model for subsequent parts specifying non-repudiation mechanisms using cryptographic techniques. This multipart Internatio

28、nal Standard provides non-repudiation mechanisms for the following phases of non-repudiation: Evidence generation, Evidence transfer, storage and retrieval, and Evidence verification. Dispute arbitration is outside the scope of this International Standard. 2 Normative references ISO 7498-2:1989, Inf

29、ormation processing systems Open Systems Interconnection Basic Reference Model, Part 2: Security Architecture. ISO/IEC 9594-8:2001, Information processing systems Open Systems Interconnection The Directory, Part 8: Authentication Framework. ISO/IEC 9796 (all parts), Information technology Security t

30、echniques Digital signature scheme giving message recovery. ISO/IEC 9797 (all parts), Information technology Security techniques Message authentication codes (MACs). ISO/IEC 9798-1:1997, Information technology Security techniques Entity authentication mechanisms Part 1: General ISO/IEC 10118 (all pa

31、rts), Information technology Security techniques Hash-functions. ISO/IEC 10181-1:1996, Information technology Open Systems Interconnection Security frameworks for open systems Part 1: Overview. ISO/IEC 10181-4:1997, Information technology Open Systems Interconnection Security frameworks for open sys

32、tems Part 4: Non-repudiation framework. ISO/IEC 11770-3:1999, Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques. ISO/IEC 13888-2:1998, Information technology Security techniques Non-repudiation Part 2: Mechanisms using symmetric techniques ISO/I

33、EC 13888-3:1997, Information technology Security techniques Non-repudiation Part 3: Mechanisms using asymmetric techniques ISO/IEC 14888 (all parts), Information technology Security techniques Digital signatures with appendix. ISO/IEC 18014 (all parts), Information technology Security techniques Tim

34、e-stamping services. The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. AMERICAN NATIONAL STANDARD I

35、NCITS/ISO/IEC 13888-1-2004IT security techniques Non-repudiation Part 1: General INCITS/ISO/IEC 13888-1-2004 3 Terms and definitions 3.1 Definitions from ISO 7498-2 3.1.1 Accountability The property that ensures that the actions of an entity may be traced uniquely to the entity. 3.1.2 Data integrity

36、 The property that data has not been altered or destroyed in an unauthorised manner. 3.1.3 Data origin authentication The corroboration that the source of data received is as claimed. 3.1.4 Digital signature Data appended to, or a cryptographic transformation of, a data unit that allows the recipien

37、t of the data unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient. 3.1.5 Security policy The set of criteria for the provision of security services. 3.2 Definitions from ISO/IEC 9594-8 3.2.1 Certification authority An authority trusted by one or

38、more users to create and assign certificates. Optionally the certification authority may create the users keys. 3.3 Definitions from ISO/IEC 9797-1 3.3.1 Message Authentication Code (MAC) The string of bits which is the output of a MAC algorithm. NOTE A MAC is sometimes called a cryptographic check

39、value (see for example ISO 7498-2). 3.4 Definitions from ISO/IEC 10118-1 3.4.1 Hash-code The string of bits that is the output of a hash-function. 3.4.2 Hash-function A function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties: It is computationally

40、 infeasible to find for a given output an input which maps to this output, It is computationally infeasible to find for a given input a second input which maps to the same output. 3.5 Definitions from ISO/IEC 10181-1 3.5.1 Security authority An entity that is responsible for the definition or enforc

41、ement of security policy. 2 ITIC 2005 All rights reservedINCITS/ISO/IEC 13888-1-2004 3.5.2 Security certificate A set of security relevant data issued by a security authority or trusted third party, together with security information which is used to provide the integrity and data origin authenticat

42、ion. 3.5.3 Security token A set of security relevant data that is protected by integrity and data origin authentication from a source which is not considered a security authority. 3.5.4 Trust A relationship between two elements, a set of activities and a security policy in which element x trusts ele

43、ment y if and only if x has confidence that y will behave in a well defined way (with respect to the activities) that does not vio-late the given security policy. 3.6 Definitions from ISO/IEC 10181-4 3.6.1 Evidence generator An entity that produces non-repudiation evidence. 3.6.2 Evidence user An en

44、tity that uses non-repudiation evidence. 3.6.3 Evidence verifier An entity that verifies non-repudiation evidence. 3.6.4 Non-repudiation service requester An entity that requests that non-repudiation evidence be generated for a particular event or action. 3.7 Definitions from ISO/IEC 11770-3 3.7.1 K

45、ey A sequence of symbols that controls the operations of a cryptographic transformation (e.g., encipherment, decipherment, cryptographic check-function computation, signature calculation, or signature verification). 3.7.2 Private key That key of an entitys asymmetric key pair which can only be used

46、by that entity. NOTE - In the case of an asymmetric signature system the private key defines the signature transformation. In the case of an asymmetric encipherment system the private key defines the decipherment transformation. 3.7.3 Public key That key of an entitys asymmetric key pair which can b

47、e made public. NOTE In the case of an asymmetric signature scheme the public key defines the verification transformation. In the case of an asymmetric encipherment system the public key defines the encipherment transformation. A key that is publicly known is not necessarily globally available. The k

48、ey may only be available to all members of a pre-specified group. 3.7.4 Public key certificate The public key information of an entity signed by the certification authority and thereby rendered unforgeable. ITIC 2005 All rights reserved 3INCITS/ISO/IEC 13888-1-2004 3.7.5 Secret key A key used with s

49、ymmetric cryptographic techniques and usable only by a set of specified entities. 3.8 Definitions from ISO/IEC 18014 3.8.1 Time-stamp A time variant parameter which denotes a point in time with respect to a common time reference. 3.8.2 Time-stamping authority A trusted third party trusted to provide a time-stamping service. 3.9 Definitions unique to this International Standard on non-repudiation For the use of this multipart In