ImageVerifierCode 换一换
格式:PDF , 页数:24 ,大小:480.99KB ,
资源ID:583186      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-583186.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS ISO 10126-1-1992 Banking - Procedures for message encipherment (wholesale) - General principles《银行业务 信息加密程序(批量) 第1部分 一般原则》.pdf)为本站会员(confusegate185)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS ISO 10126-1-1992 Banking - Procedures for message encipherment (wholesale) - General principles《银行业务 信息加密程序(批量) 第1部分 一般原则》.pdf

1、BRITISH STANDARD BS ISO 10126-1:1991 Implementation of ISO 10126-1:1991 Banking Procedures for message encipherment (wholesale) Part 1: General principles UDC 336.719.2:355.405.2:681.3.04BSISO10126-1:1991 This British Standard, having been prepared under the directionof the Information Systems Techn

2、ology StandardsPolicy Committee, waspublishedunder the authorityofthe Standards Boardand comes intoeffecton 31January1992 BSI 10-1999 The following BSI references relate to the work on this standard: Committee reference IST/12 Draft for comment 89/63555 DC ISBN 0 580 20452 9 Committees responsible f

3、or this British Standard The preparation of this British Standard was entrusted by the Information Systems Technology Standards Policy Committee (IST/-) to Technical Committee IST/12, upon which the following bodies were represented: American Banks and Securities Association of London Association fo

4、r Payment Clearing Services Building Societies Association British Telecommunications plc IBM (UK) Ltd. The London Stock Exchange The following bodies were also represented in the drafting of the standard, through subcommittees and panels: British Bankers Association Institutional Fund Managers Asso

5、ciation Securities and Investments Board Stock Exchange Management Association The EDI Association The London Stock Exchange Amendments issued since publication Amd. No. Date CommentsBSISO10126-1:1991 BSI 10-1999 i Contents Page Committees responsible Inside front cover National foreword ii Foreword

6、 iii Text of ISO 10126-1 1BSISO10126-1:1991 ii BSI 10-1999 National foreword This British Standard reproduces verbatim ISO 10126-1:1991 and implements it as the UK national standard. This British Standard is published under the direction of the Information Systems Technology Standards Policy Committ

7、ee whose Technical Committee IST/12 has the responsibility to: aid enquirers to understand the text; present to the responsible international committee any enquiries on interpretation, or proposals for change, and keep UK interests informed; monitor related international and European developments an

8、d promulgate them in the UK. NOTEInternational and European Standards, as well as overseas standards, are available from BSI Sales Department, BSI, Linford Wood, Milton Keynes, MK14 6LE. A British Standard does not purport to include all the necessary provisions of a contract. Users of British Stand

9、ards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document comprises a front cover, an inside front cover, pages i and ii, the ISO title page, pages ii to iv, pages 1 to 14 and a bac

10、k cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on the inside front cover.ISO10126-1:1991(E) ii BSI 10-1999 Contents Page Foreword iii Introduction 1 1 Scope 1 2 Normative references 1 3 Definitions

11、1 4 Application 2 5 Encipherment and decipherment of entire messages and encipherment elements 3 6 Transparent transmission of enciphered data 5 7 Order of processing 8 8 Approval procedure for encipherment algorithms 8 Annex A (normative) Procedure for review of alternative encipherment algorithms

12、9 Annex B (informative) Examples of filtering 10 Annex C (informative) Filtering Expansion factors for selected filters 12 Annex D (informative) Examples illustrating the encipherment and decipherment of encipherment elements 13 Figure 1 Filter padding field format 7 Figure 2 Message flow 8 Table 1

13、ISO 646 filter 5 Table 2 ISO 646/baudot filter 6 Table 3 ISO 646/baudot filter 7 Table 4 Filter padding 7 Table C.1 Expansion factors 12 Descriptors: Banking, messages, protection of information, coded representation.ISO10126-1:1991(E) BSI 10-1999 iii Foreword ISO (the International Organization for

14、 Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the

15、right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. Draft Inte

16、rnational Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least75% of the member bodies casting a vote. International Standard ISO10126-1was prepared by Technical Committee ISO/TC68, Bankin

17、g and related financial services, Sub-Committee SC 2, Operations and procedures. ISO10126consists of the following parts, under the general title Banking Procedures for message encipherment (wholesale): Part 1: General principles; Part 2: DEA algorithm. ISO10126originates from work done in ANSI, and

18、 is a development of (whileremaining compatible with) ANSI X9.23 (1988), Financial Institution: Encryption of Wholesale Financial Messages. The four annexes to this parts of ISO10126are intended to simplify its implementation. a) Annex A provides the procedure for review of alternative encipherment

19、algorithms. b) Annex B provides examples of the various filtering techniques described in this part of ISO 10126. c) Annex C provides a comparison of the effects of the filters described in this part of ISO10126and, by use of the expansion factor, shows the relationship between the number of bits tr

20、ansmitted and those originated. d) Annex D provides examples of the three methods for encipherment and decipherment of encipherment elements within a message which are described in this part of ISO 10126. Annex A forms an integral part of this part of ISO 10126. Annex B, Annex C and Annex D are for

21、information only.iv blankISO10126-1:1991(E) BSI 10-1999 1 Introduction This part of ISO10126specifies a method for the encipherment and decipherment of entire (or parts of) wholesale financial messages by the use of application level encipherment, for the purpose of providing confidentiality. The le

22、vel of security provided by this part of ISO10126is dependent upon a) the security associated with the algorithm used for encipherment and the implementation of that algorithm within the procedures laid down by this part of ISO10126and, b) the operation of a secure system of key management. Particul

23、ar algorithms, suitable for use with this part of ISO 10126, are described in ISO 10126-2. A suitable International Standard for key management is described in ISO 8732. 1 Scope The procedures defined are designed to protect, by means of encipherment, financial messages (entire messages or encipherm

24、ent elements) exchanged through any communications architecture. Such architectures will include store and forward and telex environments, any number of nodes and public or private networks. Since enciphered text can interfere with communications processes in existing wholesale financial networks, t

25、his part of ISO10126provides a means to permit the enciphered message to be transmitted through a number of networks without being misinterpreted as communications protocol information e.g. STX (start of text), EOT (end of text). The confidentiality of financial message data, in both structured and

26、unstructured forms, is protected by the use of this part of ISO 10126. The techniques described do not provide integrity protection (i.e. protection against modification, substitution and replay). Data integrity protection is the subject of ISO8730and ISO 8731. Message formats are also beyond the sc

27、ope of this part of ISO 10126. 2 Normative references The following standards contain provisions which, through reference in this text, constitute provisions of this part of ISO 10126. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties t

28、o agreements based on this part of ISO10126are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. Members of IEC and ISO maintain registers of currently valid International Standards. ISO 646:1983, Information processing ISO 7-bit coded c

29、haracter set for information interchange. ISO 8730:1990, Banking Requirements for message authentication (wholesale). ISO 8731-1:1987, Banking Approved algorithms for message authentication Part 1: DEA. ISO 8731-2:1987, Banking Approved algorithm for message authentication Part 2: Message authentica

30、tor algorithms. ISO 8732:1988, Banking Key management (wholesale). ISO 10126-2:1991, Banking Procedures for message encipherment (wholesale) Part 2: DEA algorithms. 3 Definitions For the purposes of this part of ISO 10126, the following definitions apply. 3.1 baudot a five bit character information

31、coding scheme (excluding optional start bits and stop bits); CCITT Alphabet Number 2 3.2 block a data unit with a specified length 3.3 ciphertext enciphered information 3.4 communicating pair two logical parties who have previously agreed to exchange data 3.5 cryptographic key; key a parameter used

32、in conjunction with an algorithm for the purpose of encipherment or decipherment 3.6 data unit binary vector of K bits denoted as (B1, B2, ., BK) 3.7 decipherment the reversal of a corresponding reversible encipherment 3.8 enciphered element enciphered encipherment elementISO10126-1:1991(E) 2 BSI 10

33、-1999 3.9 encipherment the cryptographic transformation of data to produce ciphertext 3.10 encipherment element a contiguous group of plaintext characters which is to be enciphered 3.11 filtering the process of encoding binary text into a format insensitive to control characters 3.12 financial messa

34、ge a communication containing information which has financial implications 3.13 initialization vector (IV) a number used as a starting point for encipherment of a data sequence. It increases security by introducing additional cryptographic variance, and also facilitates the synchronization of crypto

35、graphic equipment 3.14 initial text sequence (ITS) an n-bit binary vector which may be prefixed to a message 3.15 key see cryptographic key 3.16 logical party one or more physical parties forming one member of a communicating pair 3.17 message a communication containing one or more transactions or r

36、elated information 3.18 most significant bit(s) the leftmost bit(s) of a binary vector 3.19 octet a group of eight binary digits numbered from left to right: B1, B2, ., B8 3.20 padding one or more bits appended to a message in order to cause the message to contain an exact multiple of the number of

37、bits required by the filtering process or the cryptographic algorithm 3.21 plaintext unenciphered information 3.22 receiver the logical party that is authorized to decipher a received message 3.23 sender the logical party that is responsible for originating an enciphered message 4 Application 4.1 Pr

38、otection provided The confidentiality of financial message data is protected by the use of this part of ISO10126. This part of ISO10126 provides a method of protection for both structured and unstructured message data. Confidentiality protection is provided between two logical parties. The logical p

39、arties to a communication are the sender and receiver. 4.2 General operation 4.2.1 Processing The sender of a financial message shall generate ciphertext by applying the encipherment process described in clause 5 either to the entire plaintext message, or to encipherment elements within the message,

40、 using a secure system of key management. The message is then forwarded to the receiver. The receiver shall decipher the ciphertext by applying the decipherment procedures described in clause 5. Note that the cryptographic process is sensitive to the sequence in which the plaintext is enciphered, an

41、d that sequence must be the same at the time of encipherment and decipherment. If decipherment of an entire message or encipherment elements is required at a later date, an audit journal shall include sufficient information to retrieve the key, the message and any other information used in the crypt

42、ographic process. When a financial message is both authenticated and enciphered, the message shall be authenticated prior to encipherment, and different keys shall be used for encipherment and authentication.ISO10126-1:1991(E) BSI 10-1999 3 4.2.2 Communications methods This part of ISO10126may be us

43、ed to encipher entire financial messages or encipherment elements within messages transmitted over any communications media through any number of nodes in public or private networks. 5 Encipherment and decipherment of entire messages and encipherment elements 5.1 General Entire messages and encipher

44、ment elements shall be enciphered and deciphered in accordance with ISO 10126-2. There are four methods of encipherment allowed by this part of ISO 10126, i.e. entire message encipherment and three methods for enciphering encipherment elements. Several messages using different keys, different modes

45、of operation, or methods of encipherment (see 5.3) and filters (see clause 6) may be combined within a single transmission. 5.2 Encipherment and decipherment of entire messages When an entire message is to be enciphered, all plaintext other than header and trailer information (e.g. information added

46、 by a network for transmission purposes) shall be enciphered. The Initial Text Sequence (if present), the entire message including the MAC (if present), and the padding field (if present) shall be enciphered as a unit. After encipherment, ciphertext may be filtered in accordance with clause 6. When

47、an entire message is to be deciphered, all ciphertext is deciphered as a unit. 5.3 Encipherment and decipherment of encipherment elements Three methods for encipherment and decipherment of encipherment elements within a message are permitted by this part of ISO 10126. Method 1: Encipherment elements

48、 are independently enciphered into enciphered elements. Enciphered elements are independently deciphered into encipherment elements (see 5.3.2). Method 2: Encipherment elements are concatenated and enciphered as a single data string. The resulting ciphertext string is transmitted in the message as a

49、 single string. The ciphertext string is deciphered and the encipherment elements are inserted into the message text (see 5.3.3.1). Method 3: Encipherment elements are concatenated and enciphered as a single data string. The resulting ciphertext string is divided into ciphertext substrings for transmission in the message. The ciphertext substrings are concatenated and deciphered as a single string. The resulting encipherment elements are inserted into the message text (see 5.3.3.2). After encipherment, ciphertext may be filt

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1