CAN CSA-ISO IEC 9798-2-2010 Information technology - Security techniques - Entity authentication - Part 2 Mechanisms using symmetric encipherment algorithms (Technical Corrigendum .pdf

1、Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsCAN/CSA-ISO/IEC 9798-2-10(ISO/IEC 9798-2:2008, IDT)National Standard of CanadaNOT FOR RESALE.PUBLICATION NON DESTINE LA REVENTE.Legal Notice for StandardsCanadian Standards Asso

2、ciation (CSA) standards are developed through a consensus standards development process approved by the Standards Council of Canada. This process brings together volunteers representing varied viewpoints and interests to achieve consensus and develop a standard. Although CSA administers the process

3、and establishes rules to promote fairness in achieving consensus, it does not independently test, evaluate, or verify the content of standards.Disclaimer and exclusion of liabilityThis document is provided without any representations, warranties, or conditions of any kind, express or implied, includ

4、ing, without limitation, implied warranties or conditions concerning this documents fitness for a particular purpose or use, its merchantability, or its non-infringement of any third partys intellectual property rights. CSA does not warrant the accuracy, completeness, or currency of any of the infor

5、mation published in this document. CSA makes no representations or warranties regarding this documents compliance with any applicable statute, rule, or regulation. IN NO EVENT SHALL CSA, ITS VOLUNTEERS, MEMBERS, SUBSIDIARIES, OR AFFILIATED COMPANIES, OR THEIR EMPLOYEES, DIRECTORS, OR OFFICERS, BE LI

6、ABLE FOR ANY DIRECT, INDIRECT, OR INCIDENTAL DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES, HOWSOEVER CAUSED, INCLUDING BUT NOT LIMITED TO SPECIAL OR CONSEQUENTIAL DAMAGES, LOST REVENUE, BUSINESS INTERRUPTION, LOST OR DAMAGED DATA, OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, WHETHER BASED IN CONTRACT, TOR

7、T (INCLUDING NEGLIGENCE), OR ANY OTHER THEORY OF LIABILITY, ARISING OUT OF OR RESULTING FROM ACCESS TO OR POSSESSION OR USE OF THIS DOCUMENT, EVEN IF CSA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES.In publishing and making this document available, CSA is not

8、 undertaking to render professional or other services for or on behalf of any person or entity or to perform any duty owed by any person or entity to another person or entity. The information in this document is directed to those who have the appropriate degree of experience to use and apply its con

9、tents, and CSA accepts no responsibility whatsoever arising in any way from any and all use of or reliance on the information contained in this document. CSA is a private not-for-profit company that publishes voluntary standards and related documents. CSA has no power, nor does it undertake, to enfo

10、rce compliance with the contents of the standards or other documents it publishes. Intellectual property rights and ownershipAs between CSA and the users of this document (whether it be in printed or electronic form), CSA is the owner, or the authorized licensee, of all works contained herein that a

11、re protected by copyright, all trade-marks (except as otherwise noted to the contrary), and all inventions and trade secrets that may be contained in this document, whether or not such inventions and trade secrets are protected by patents and applications for patents. Without limitation, the unautho

12、rized use, modification, copying, or disclosure of this document may violate laws that protect CSAs and/or others intellectual property and may give rise to a right in CSA and/or others to seek legal redress for such use, modification, copying, or disclosure. To the extent permitted by licence or by

13、 law, CSA reserves all intellectual property rights in this document.Patent rightsAttention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights. CSA shall not be held responsible for identifying any or all such patent rights. Users of this stand

14、ard are expressly advised that determination of the validity of any such patent rights is entirely their own responsibility.Authorized use of this documentThis document is being provided by CSA for informational and non-commercial use only. The user of this document is authorized to do only the foll

15、owing:If this document is in electronic form:.load this document onto a computer for the sole purpose of reviewing it;.search and browse this document; and.print this document if it is in PDF format. Limited copies of this document in print or paper form may be distributed only to persons who are au

16、thorized by CSA to have such copies, and only if this Legal Notice appears on each such copy.In addition, users may not and may not permit others to.alter this document in any way or remove this Legal Notice from the attached standard;.sell this document without authorization from CSA; or.make an el

17、ectronic copy of this document.If you do not agree with any of the terms and conditions contained in this Legal Notice, you may not load or use this document or make any copies of the contents hereof, and if you do make such copies, you are required to destroy them immediately. Use of this document

18、constitutes your acceptance of the terms and conditions of this Legal Notice.Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsTechnical Corrigendum 2:2013 (IDT) toNational Standard of CanadaCAN/CSA-ISO/IEC 9798-2-10(ISO/IEC 97

19、98-2:2008, IDT)NOT FOR RESALE. / PUBLICATION NON DESTINE LA REVENTE.Standards Update ServiceTechnical Corrigendum 2:2013 toCAN/CSA-ISO/IEC 9798-2-10January 2013Title: Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsPagination

20、: 2 pagesTo register for e-mail notification about any updates to this publicationgo to shop.csa.caclick on CSA Update ServiceThe List ID that you will need to register for updates to this publication is 2420897.If you require assistance, please e-mail techsupportcsagroup.org or call 416-747-2233.Vi

21、sit CSA Groups policy on privacy at csagroup.org/legal to find out how we protect your personal information.INTERNATIONAL STANDARD ISO/IEC 9798-2:2008TECHNICAL CORRIGENDUM 2 Published 2012-03-15 INTERNATIONAL ORGANIZATION FOR STANDARDIZATION ORGANISATION INTERNATIONALE DE NORMALISATIONINTERNATIONAL

22、ELECTROTECHNICAL COMMISSION COMMISSION LECTROTECHNIQUE INTERNATIONALEInformation technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithms TECHNICAL CORRIGENDUM 2 Technologies de linformation Techniques de scurit Authentification dentit Partie 2:

23、 Mcanismes utilisant des algorithmes de chiffrement symtriques RECTIFICATIF TECHNIQUE 2 Technical Corrigendum 2 to ISO/IEC 9798-2:2008 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. Page 4, Clause 5 Add the following after

24、 the last paragraph: f) The secret authentication key used in implementations of any of the mechanisms specified in this part of ISO/IEC 9798 shall be distinct from keys used for any other purposes. g) The data strings enciphered at various points in an authentication mechanism shall not be composed

25、 so that they could be interchanged. NOTE This could be enforced by including the following elements in each enciphered data string. The object identifier as specified in Annex A, in particular identifying the ISO standard, the part number, and the authentication mechanism. ICS 35.040 Ref. No. ISO/I

26、EC 9798-2:2008/Cor.2:2012(E) ISO/IEC 2012 All rights reserved Technical Corigendum 2:2013 to CAN/CSA-ISO/IEC 9798-2-10ISO/IEC 9798-2:2012/Cor.2:2012(E) 2 ISO/IEC 2012 All rights reserved A constant that uniquely identifies the enciphered string within the mechanism. This constant may be omitted in m

27、echanisms that include only one enciphered string. The recipient of an enciphered data string shall verify that the object identifier and the constant identifying the enciphered data string within the mechanism are as expected. Technical Corigendum 2:2013 to CAN/CSA-ISO/IEC 9798-2-10Copyright Notice

28、This Amendment to the International Standard contains information copyright protected by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Except as permitted under the laws of Canada, no extract of this Amendment to the International S

29、tandard may be reproduced, stored in any retrieval system, or transmitted in any form or by any means, electronic, photocopying, recording, or otherwise, without prior permission from the Standards Council of Canada (SCC). Requests for permission to reproduce this Amendment to the International Stan

30、dard or parts thereof should be addressed to Manager, Technical Document Centre Standards Council of Canada 270 Albert Street, Suite 200 Ottawa, Ontario K1P 6N7 The Canadian adoption of this Amendment to the International Standard contains information copyright protected by CSA Group. All rights res

31、erved. No part of this adopted Amendment may be reproduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Requests for permission to reproduce this adopted Amendment or parts thereof should be addressed to Manager, Sales CSA Group

32、 5060 Spectrum Way, Suite 100 Mississauga, Ontario L4W 5N6Copyright violators will be prosecuted to the full extent of the law.PRINTED IN CANADAIMPRIMEAU CANADA100%CSA Group prints its publications on Rolland Enviro100, which contains 100% recycled post-consumer fibre, is EcoLogo and Processed Chlor

33、ine Free certified, and was manufactured using biogas energy.Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsTechnical Corrigendum 1:2013 (IDT) toNational Standard of CanadaCAN/CSA-ISO/IEC 9798-2-10(ISO/IEC 9798-2:2008, IDT)N

34、OT FOR RESALE. / PUBLICATION NON DESTINE LA REVENTE.Standards Update ServiceTechnical Corrigendum 1:2013 toCAN/CSA-ISO/IEC 9798-2-10January 2013Title: Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsPagination: 1 pageTo regis

35、ter for e-mail notification about any updates to this publicationgo to shop.csa.caclick on CSA Update ServiceThe List ID that you will need to register for updates to this publication is 2420897.If you require assistance, please e-mail techsupportcsagroup.org or call 416-747-2233.Visit CSA Groups po

36、licy on privacy at csagroup.org/legal to find out how we protect your personal information.ICS 35.040 Ref. No. ISO/IEC 9798-2:2008/Cor.1:2010(E) ISO/IEC 2010 All rights reserved INTERNATIONAL STANDARD ISO/IEC 9798-2:2008 TECHNICAL CORRIGENDUM 1 Published 2010-02-15 INTERNATIONAL ORGANIZATION FOR STA

37、NDARDIZATION ORGANISATION INTERNATIONALE DE NORMALISATIONINTERNATIONAL ELECTROTECHNICAL COMMISSION COMMISSION LECTROTECHNIQUE INTERNATIONALEInformation technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithms TECHNICAL CORRIGENDUM 1 Technologies

38、 de linformation Techniques de scurit Authentification dentit Partie 2: Mcanismes utilisant des algorithmes de chiffrement symtriques RECTIFICATIF TECHNIQUE 1 Technical Corrigendum 1 to ISO/IEC 9798-2:2008 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee

39、SC 27, IT Security techniques. Page 3, Clause 4 Replace the definition of X |Y with the following text: “The result of the concatenation of data items X and Y in the order specified. In cases where the result of concatenating two or more data items is encrypted as part of one of the mechanisms speci

40、fied in this part of ISO/IEC 9798, this result shall be composed so that it can be uniquely resolved into its constituent data strings, i.e. so that there is no possibility of ambiguity in interpretation. This latter property could be achieved in a variety of ways, depending on the application. For

41、example, it could be guaranteed by (a) fixing the length of each of the substrings throughout the domain of use of the mechanism, or (b) encoding the sequence of concatenated strings using a method that guarantees unique decoding, e.g. using the distinguished encoding rules defined in ISO/IEC 8825-1

42、 1. NOTE Not only concatenated strings but ordered tuples are needed. Normally, the notation for ordered tuples is X1,X2,.,Xn.” Delete the NOTE from the last row of the table. Technical Corrigendum 1:2013 to CAN/CSA-ISO/IEC 9798-2-10Copyright NoticeThis Amendment to the International Standard contai

43、ns information copyright protected by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Except as permitted under the laws of Canada, no extract of this Amendment to the International Standard may be reproduced, stored in any retrieval

44、system, or transmitted in any form or by any means, electronic, photocopying, recording, or otherwise, without prior permission from the Standards Council of Canada (SCC). Requests for permission to reproduce this Amendment to the International Standard or parts thereof should be addressed to Manage

45、r, Technical Document Centre Standards Council of Canada 270 Albert Street, Suite 200 Ottawa, Ontario K1P 6N7 The Canadian adoption of this Amendment to the International Standard contains information copyright protected by CSA Group. All rights reserved. No part of this adopted Amendment may be rep

46、roduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Requests for permission to reproduce this adopted Amendment or parts thereof should be addressed to Manager, Sales CSA Group 5060 Spectrum Way, Suite 100 Mississauga, Ontario

47、L4W 5N6Copyright violators will be prosecuted to the full extent of the law.PRINTED IN CANADAIMPRIMEAU CANADA100%CSA Group prints its publications on Rolland Enviro100, which contains 100% recycled post-consumer fibre, is EcoLogo and Processed Chlorine Free certified, and was manufactured using biog

48、as energy.CSA Standards Update ServiceCAN/CSA-ISO/IEC 9798-2-10December 2010Title: Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithmsPagination:25 pages (CSA/1CSA/5, iiv, and 16 text)To register for e-mail notification about any updates to this publicationgo to www.ShopCSA.caclick on E-mail Services under MY ACCOUNTclick on CSA Standards Update ServiceThe List ID that you will need to register for updates to this publication is 2420897.If you require assistance, please e-mail techsupportcsa.ca or call 416-747-2233