ImageVerifierCode 换一换
格式:PDF , 页数:37 ,大小:801.58KB ,
资源ID:437214      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-437214.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI ISO IEC 15946-3-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 3 Key establishment (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲线.pdf)为本站会员(李朗)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI ISO IEC 15946-3-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 3 Key establishment (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲线.pdf

1、 Reference numberISO/IEC 15946-3:2002(E)ISO/IEC 2002INTERNATIONAL STANDARD ISO/IEC15946-3First edition2002-12-01Information technology Security techniques Cryptographic techniques based on elliptic curves Part 3: Key establishment Technologies de linformation Techniques de scurit Techniques cryptogr

2、aphiques bases sur les courbes elliptiques Partie 3: tablissement de cl Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.Date of ANSI Approval: 7/7/2003Published by American National Standards Institute,25 West 43rd Street, New York, N

3、ew York 10036Copyright 2003 by Information Technology Industry Council (ITI).All rights reserved.These materials are subject to copyright claims of International Standardization Organization (ISO), InternationalElectrotechnical Commission (IEC), American National Standards Institute (ANSI), and Info

4、rmation Technology Industry Council(ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, withoutthe prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW,Washingto

5、n, DC 20005.Printed in the United States of AmericaISO/IEC 15946-3:2002(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and i

6、nstalled on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software p

7、roducts used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is foun

8、d, please inform the Central Secretariat at the address given below. ISO/IEC 2002 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission

9、 in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2002 All rights reserv

10、edISO/IEC 15946-3:2002(E)Contents1 Scope 12 Normative references 13 Terms and definitions. 24 Symbols and abbreviated terms . 45 Key derivation functions 56 Cofactor multiplication . 57 Key commitment . 68 Key agreement mechanisms 68.1 Common information. 68.2 Non-interactive key agreement of Diffie

11、-Hellman type (KANIDH). 78.2.1 Setup 78.2.2 Mechanism. 78.2.3 Properties 78.3 Key agreement of ElGamal type (KAEG) . 78.3.1 Setup 78.3.2 Mechanism 88.3.3 Properties 88.4 Key agreement of Diffie-Hellman type . 88.4.1 Setup 88.4.2 Mechanism 88.4.3 Properties 98.5 Key agreement of Diffie-Hellman type w

12、ith 2 key pairs (KADH2KP) 98.5.1 Setup 98.5.2 Mechanism. 98.5.3 Properties 108.6 Key agreement of Diffie-Hellman type with 2 signatures and key confirmation (KADH2SKC) 108.6.1 Setup 10 ISO/IEC 2002 All rights reserved iiiISO/IEC 15946-3:2002(E)8.6.2 Mechanism.108.6.3 Properties.119 Key agreement mec

13、hanisms not included in ISO/IEC 11770-3. 129.1 Common information129.2 The Full Unified Model129.2.1 Setup.129.2.2 Mechanism.129.2.3 Properties.139.3 Key agreement of MQV type with 1 pass (KAMQV1P) 139.3.1 Setup .139.3.2 Mechanism.139.3.3 Properties 149.4 Key agreement of MQV type with 2 passes (KAM

14、QV2P) 149.4.1 Setup .149.4.2 Mechanism149.4.3 Properties .1510 Key transport mechanisms.1510.1 Common information1510.2 Key transport of ElGamal type (KTEG).1510.2.1 Setup.1510.2.2 Mechanism.1610.2.3 Properties.1610.3 Key transport of ElGamal type with originator signature (KTEGOS) 1610.3.1 Setup.16

15、10.3.2 Mechanism.1710.3.3 Properties.1711 Key Confirmation .18Annex A (informative) Examples of key derivation functions.20A.1 The IEEE P1363 key derivation function20A.1.1 Preconditions.20A.1.2 Input20iv ISO/IEC 2002 All rights reserved ISO/IEC 15946-3:2002(E)A.1.3 Actions 20A.1.4 Output 20A.2 The

16、ANSI X9.42 key derivation function 20A.2.1 Prerequisites 20A.2.2 Input. 21A.2.3 Actions. 21A.2.4 Output 22A.2.5 ASN.1 syntax. 22A.3 The ANSI X9.63 key derivation function 22A.3.1 Prerequisites 23A.3.2 Input 23A.3.3 Actions 23A.3.4 Output. 23Annex B (informative) A comparison of the claimed propertie

17、s of the mechanisms in this standard 24B.1 Security Properties 24B.2 Performance Considerations . 27Bibliography . 29 ISO/IEC 2002 All rights reservedvISO/IEC 15946-3:2002(E)Forewordvi ISO/IEC 2002 All rights reserved ISO (the International Organization for Standardization) and IEC (the Internationa

18、l Electrotechnical Commission)form the specialized system for worldwide standardization. National bodies that are members of ISO or IECparticipate in the development of International Standards through technical committees established by therespective organization to deal with particular fields of te

19、chnical activity. ISO and IEC technical committeescollaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, inliaison with ISO and IEC, also take part in the work.International Standards are drafted in accordance with the rules given in the ISO/I

20、EC Directives, Part 3.In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting.Publication as an International Standard requires

21、approval by at least 75 % of the national bodies casting a vote.International Standard ISO/IEC 15946-3 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informationtechnology, Subcommittee SC 27, IT Security techniques.ISO/IEC 15946 consists of the following parts, under the general title Inf

22、ormation technology Security techniques Cryptographic techniques based on elliptic curves: Part 1: General Part 2: Digital signatures Part 3: Key establishment Part 4: Digital signatures giving message recoveryAnnexes A and B of this part of ISO/IEC 15946 are for information only.ISO/IEC 15946-3:200

23、2(E)vii ISO/IEC 2002 All rights reservedIntroductionSome of the most interesting and potentially useful public key cryptosystems that are currently available arecryptosystems based on elliptic curves defined over finite fields. The concept of an elliptic curve based public keycryptosystem is rather

24、simple: Every elliptic curve is endowed with a binary operation “+“ under which it forms a finite abelian group. The group law on elliptic curves extends in a natural way to a “discrete exponentiation“ on the point group ofthe elliptic curve. Based on the discrete exponentiation on an elliptic curve

25、 one can easily derive elliptic curve analogues of thewell known public key schemes of Diffie-Hellman and ElGamal type.The security of such a public key system depends on the difficulty of determining discrete logarithms in the group ofpoints of an elliptic curve. This problem is - with current know

26、ledge - much harder than the factorization of integersor the computation of discrete logarithms in a finite field. Indeed, since Miller and Koblitz in 1985independently suggested the use of elliptic curves for public key cryptographic systems, no substantial progress intackling the elliptic curve di

27、screte logarithm problem has been reported. In general, only algorithms that takeexponential time are known to determine elliptic curve discrete logarithms. Thus, it is possible for elliptic curvebased public key systems to use much shorter parameters than the RSA system or the classical discrete lo

28、garithmbased systems that make use of the multiplicative group of some finite field. This yields significantly shorter digitalsignatures and system parameters and allows for computations using smaller integers.This part of ISO/IEC 15946 describes schemes that can be used for key agreement and scheme

29、s that can be usedfor key transport. Where possible, the schemes are analogous to methods included in ISO/IEC 11770-3. Schemesthat are not included in ISO/IEC 11770-3 are noted as such.The International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) drawat

30、tention to the fact that it is claimed that compliance with this International Standard may involve the use ofpatents.ISO and IEC take no position concerning the evidence, validity and scope of these patent rights.The holders of these patent rights have assured ISO and IEC that they are willing to n

31、egotiate licences underreasonable and non-discriminatory terms and conditions with applicants throughout the world. In this respect, thestatements of the holders of these patent rights are registered with ISO and IEC. Information may be obtained from:ISO/IEC JTC 1/SC 27 Standing Document 8 (SD 8)SD

32、8 is publicly available at:http:/www.din.de/ni/sc27Attention is drawn to the possibility that some of the elements of this part of ISO/IEC 15946 may be the subject ofpatent rights other than those identified above. ISO and IEC shall not be held responsible for identifying any or allsuch patent right

33、s.INTERNATIONAL STANDARD ISO/IEC 15946-3:2002(E) ISO/IEC 2002 All rights reserved 1Information technology Security techniques Cryptographictechniques based on elliptic curves Part 3: Key establishment1 ScopeInternational Standard ISO/IEC 15946 specifies public key cryptographic techniques based on e

34、lliptic curves. Thestandard is split into four parts and includes the establishment of keys for secret key systems and digital signaturemechanisms.This part of ISO/IEC 15946 specifies techniques for key establishment, which includes key agreement and keytransport, that use elliptic curves.The scope

35、of this standard is restricted to cryptographic techniques based on elliptic curves defined over finitefields of prime power order (including the special cases of prime order or characteristic two). The representation ofelements of the underlying finite field is outside the scope of this standard. T

36、his standard does not fully specify theimplementation of the techniques it defines. There may be different products that comply with this InternationalStandard and yet are not compatible.2 Normative referencesThe following normative documents contain provisions which, through reference in this text,

37、 constitute provisions ofthis part of ISO/IEC 15946. For dated references, subsequent amendments to, or revisions of, any of thesepublications do not apply. However, parties to agreements based on this part of ISO/IEC 15946 are encouraged toinvestigate the possibility of applying the most recent edi

38、tions of the normative documents indicated below. Forundated references, the latest edition of the normative document referred to applies. Members of ISO and IECmaintain registers of currently valid International Standards.ISO/IEC 9796 (parts 2 and 3), Information technology Security techniques Digi

39、tal signature schemes giving message recoveryISO/IEC 9797 (all parts), Information technology Security techniques Message Authentication Codes (MACs)ISO/IEC 10118 (all parts), Information technology Security techniques Hash-functionsISO/IEC 11770-3:1999, Information technology Security techniques Ke

40、y management Part 3:Mechanisms using asymmetric techniquesISO/IEC 14888 (all parts), Information technology Security techniques Digital signatures with appendixISO/IEC 15946-1:2001, Information technology Security techniques Cryptographic techniques based onelliptic curves Part 1: GeneralISO/IEC 159

41、46-2:2001, Information technology Security techniques Cryptographic techniques based on ellipticcurves Part 2: Digital signaturesISO/IEC 15946-3:2002(E)2 ISO/IEC 2002 All rights reserved3 Terms and definitionsFor the purposes of this part of ISO/IEC 15946, the definitions of Part 1 apply. In additio

42、n, the following definitionsfrom ISO/IEC 11770-3 apply.3.1 Asymmetric cryptographic technique: a cryptographic technique that uses two related transformations, apublic transformation (defined by the public key) and a private transformation (defined by the private key). The twotransformations have th

43、e property that, given the public transformation, it is computationally infeasible to derive theprivate transformation.3.2 Asymmetric encipherment system: a system based on asymmetric cryptographic techniques whose publictransformation is used for encipherment and whose private transformation is use

44、d for decipherment.3.3 Asymmetric key pair: a pair of related keys where the private key defines the private transformation and thepublic key defines the public transformation.3.4 Signature system: a system based on asymmetric cryptographic techniques whose private transformation isused for signing

45、and whose public transformation is used for verification.3.5 Cryptographic check function: a cryptographic transformation which takes as input a secret key and anarbitrary string, and which gives a cryptographic check value as output. The computation of a correct check valuewithout knowledge of the

46、secret key shall be infeasible ISO/IEC 9798-1:1997.3.6 Cryptographic check value: information which is derived by performing a cryptographic transformation on thedata unit ISO/IEC 9798-4:1995.NOTE The cryptographic check value is the output of the cryptographic check function.3.7 Decipherment: the r

47、eversal of a corresponding encipherment ISO/IEC 11770-1:1996.3.8 Digital signature: data appended to, or a cryptographic transformation of, a data unit that allows the recipientof the data unit to prove the origin and integrity of the data unit and protect against forgery, e.g. by the recipientISO/I

48、EC 11770-1:1996.3.9 Distinguishing identifier: information which unambiguously distinguishes an entity ISO/IEC 11770-1:1996.3.10 Encipherment: the (reversible) transformation of data by a cryptographic algorithm to produce ciphertext, i.e.to hide the information content of the data ISO/IEC 9798-1:19

49、97.3.11 Entity authentication: the corroboration that an entity is the one claimed ISO/IEC 9798-1:1997.3.12 Entity authentication of A to B: the assurance of the identity of entity A for entity B.3.13 Explicit key authentication from A to B: the assurance for entity B that A is the only other entity that is inpossession of the correct key.NOTE Implicit key authentication from A to B and key confir

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1