ITU-T X 274-1994 Information Technology - Telecommunication and Information Exchange between Systems - Transport Layer Security Protocol - Data Networks and Open System Communicatiroto.pdf

1、 ITU-T RECMN*X.274 74 m 4862593 0576963 457 m INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS OPEN SYSTEMS INTERCONNECTION - SECURITY PROTOCOLS X.274 (07/94) INFORMATION TECHNOLOGY - EXCHANGE- BETWEEN SYSTEMS -

2、TELECOMMUNICATION AND INFORMATION TRANSPORT LAYER SECURITY PROTOCOL ITU-T Recommendation X.274 (Previously “CCITT Recommendation”) - ITU-T RECMN*X.274 9Y m 4862573 059b7bll 373 m Foreword IT (Intemational Telecommunication Union) is the United Nations Specialized Agency in the field of telecommunica

3、tions. The Telecommunication Standardization Sector (IT-T) is a permanent organ of the IT. Some 179 member countries, 84 telecom operating entities, 145 scientific and industrial organizations and 38 international organizations participate in ITU-T which is the body which sets world telecommunicatio

4、ns standards (Recommendations). The approval of Recommendations by the Members of ITU-T is covered by the procedure laid down in WTSC Resolution No. 1 (Helsinki, 1993). In addition, the World Telecommunication Standardization Conference (WTSC), which meets every four years, approves Recommendations

5、submitted to it and establishes the study programme for the following period. In some areas of information technology which fail within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with IS0 and IEC. The text of r-T Recommendation X.274 was approved on 1st of July 199

6、4. The identical text is also published as ISO/IEC International Standard 10736. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agenq. O ITU 1995 All rights reserved. No part of this

7、publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the IT. ITU-T RECMN*X-274 94 = 4862591 0596965 22T = Subject area PUBLIC DATA NFXWORKS ITU-T X-SERIES RECOMMENDATIONS DATA NETWORK

8、S AND OPEN SYSTEM COMMUNICATIONS (February 1994) ORGANIZATION OF X-SERIES RECOMMENDATIONS Recommendation series Services and facilities Interfaces x.1-x. 19 X.20-X.49 Transmission, signalling and switching Network aspects Maintenance X.50-X.89 x.90-x.149 X. 150-X. 179 I X.200-X.209 1 I Model and not

9、ation Administrative arrangements OPEN SYSTEMS INTERCONNECTION X. 180-X. 199 Service definitions X.210-X.2 19 Connectionless-mode protocol specifications PICS proformas X.230-X.239 X.240-X.259 Protocol identification X.260-X.269 I Networking Layer managed objects Conformance testing INTERWORKING BET

10、WEEN NETWORKS I X.600-X.649 I X.280-X.289 X.290-X.299 General Mobile data transmission systems x.300-x.349 X.350-X.369 Management MESSAGE HANDLING SYSTEMS X.370-X.399 x.400-x.499 OPEN DISTRIBUTED PROCESSING DIRECTORY OS1 NETWORKING AND SYSTEM ASPECTS I x.900-x.999 I x.500-x.599 Naming, addressing an

11、d registration - Abstract Svntax Notation One ASN.11 X.650-X.679 X.680-X.699 OS1 MANAGEMENT SECURITY x.700-x.799 X. 800-X. 849 OS1 APPLICATIONS Commitment, concurrency and recovery X.850-X.859 Transaction processing Remote operations X.860-X.879 X.880-X.899 ITU-T RECHNUX-274 94 m 48b259I 059bqbb Ibb

12、 m CONTENTS Foreword . Introduction . 1 2 3 4 5 6 Scope Normative references . 2.1 Identical Recommendations I International Standards 2.2 Paired Recommendations I International Standards equivalent in technical content . 2.3 Additional references Definitions 3.1 Security reference model definitions

13、 3.2 Additional definitions . Symbols and abbreviations . Overview ofthe Protocol . 5.1 Introduction . 5.2 Security Associations and attributes . 5.2.1 5.2.2 Security services for connection-oriented Transport protocol Security Service for connectionless Transport protocol . 5.3 Service assumed of t

14、he Network Layer 5.4 Security management requirements 5.5 Minimum algorithm characteristics 5.6 Security encapsulation function 5.6.1 Data encipherment function 5.6.4 Security padding function . SA Function using in band SA-P Elements of procedure 6.2 Confidentiality 5.6.2 Integrity function 5.6.3 S

15、ecurity label function 5.6.5 Peer Entity Authentication function 5.6.6 6.1 Concatenation and separation . 6.2.1 Purpose 6.2.2 TPDUs and parameters used . 6.2.3 Procedure 6.3 Integrity processing . 6.3.1 Integrity Check Value (ICV) processing 6.3.1.1 Purpose . 6.3.1.3 Procedure . 6.3.2 Direction indi

16、cator processing 6.3.2.1 Purpose . 6.3.2.2 TPDUs and parameters used . 6.3.2.3 Procedure . 6.3.3.1 Unique sequence numbers . 6.3.3.2 Purpose . 6.3.3.3 Procedure . Peer address check processing 6.4.1 Purpose 6.4.2 Procedure 6.5.1 Purpose 6.5.2 6.5.3 Procedure 1 . 6.3.1.2 TPDUs and-parameters used . 6

17、.3.3 Connection integrity sequence number processing . 6.4 6.5 Security labels for Security Associations TPDUs and parameters used . i . . ITU-T Rec . X.274 (1994 E) Page V vi 1 2 2 2 2 3 3 3 3 5 5 6 9 9 9 9 10 10 10 10 10 11 11 11 11 12 12 12 12 12 13 13 13 13 13 15 15 15 15 16 16 16 16 16 16 16 17

18、 17 17 17 i 7 8 6.6 Connection release 6.7 Key replacement . 6.8 Unprotected TPDUs 6.9 Protocol identification . 6.10 Security Association-Protocol . Use of elements of procedure . Structure and encoding of TPDUs . 8.1 Structure of TPDU 8.2.1 Clear header 8.2.1.1 PDU clear header length . 8.2.1.2 PD

19、U type . 8.2.1.3 SA-ID . 8.2.2 Crypto sync . 8.2.3 Protected contents . 8.2.3.1 Structure of protected contents field . 8.2.3.2 Content length . 8.2.3.3 Flags . 8.2.3.4 Label . 8.2.3.5 Protected data 8.2.3.6 Integrity PAD 8.2.4 ICV 8.2.5 Encipherment PAD . 8.3 Security Association PDU 8.3.1 LI 8.3.2

20、 PDU Type . 8.3.3 SA-ID 8.3.4 SA-P Type . 8.3.5 SA PDU Contents . 8.2 Security encapsulation TPDU . 9 Conformance 9.1 General 9.2 Common static conformance requirements . 9.3 9.4 9.5 9.6 9.7 10 Protocol implementation conformance statement (PICS) Annex A - PICS proforma A.1 Introduction . A.1.2 Appr

21、oach . A.2 Implementation identification . A.3 General statement of conformance A.4 Protocol implementation . A.5 Security services supported . A.6 Supported functions A.7 Supported Protocol Data Units (PDUs) Supported Transport PDUs (TPDUs) . Supported parameters of issued TPDUs . Supported paramet

22、ers of received TPDUs Allowed values of issued TPDU parameters Service, function, and protocol relationships Relationship between services and functions Supported algorithms 1 . TLSP with ITU-T Rec . X.234 I IS0 8602 static conformance requirements . TLSP with ITU-T Rec . X.224 I ISOIEC 8073 static

23、conformance requirements Common dynamic conformance requirements . TLSP with U-T Rec . X.234 I IS0 8602 dynamic conformance requirements TLSP with ITU-T Rec . X.224 I ISOIEC 8073 dynamic conformance requirements . A.l.l Background . A.7.1 A.7.2 A.7.3 A.7.4 A.8.1 A.8.2 A.8 Relationship between servic

24、es and protocol . I . A.9 II ITU-T Rec . X.274 (I994 E) age 17 17 17 18 18 19 19 19 19 20 20 20 20 20 20 21 21 21 22 22 22 22 23 23 23 23 23 23 23 23 23 23 24 24 24 24 24 24 25 25 25 25 26 26 26 27 28 31 31 31 31 32 33 33 33 34 A.10 Error handling . A.10.2 Protocol eTTors . A.11 Security Association

25、 . A.11.1 SA Generic Fields . A.11.2 Content Fields Specific to Key Exchange SA-P . B.l Overview . B.2 Key Token Exchange (KTE) B.3 SA-Protocol Authentication B.4 SA Attribute Negotiation B.4.1 Service Negotiation . B.4.3 Key and ISN Selection B.4.4 Miscellaneous SA Attribute Negotiation B.4.5 Re-ke

26、ying Overview . B.4.6 SA AbortJRelease Overview . Mapping of SA-Protocol Functions to Protocol Exchanges . B.5.1 KTE (First) Exchange . Receipt of the First Exchange PDU by Recipient . Authentication and Security Negotiation (Second) Exchange Receipt of First Exchange PDU by Initiator . Receipt of t

27、he Second Exchange PDU by Recipient A.lO.l Security errors . Annex B - Security Association Protocol Using Key Token Exchange and Digital Signatures B.4.2 Label Set Negotiation B.5 B.5.1.1 B.5.1.2 B.5.2.1 B.5.2.2 B.5.3 Rekey Procedure . B.5.4 SA Release 1 Abort Exchange . B.5.4.1 Request to Initiate

28、 SA Release / Abort . 3.5.4.2 Receipt of SA Abort/Release Requests . SA PDU - SA Contents B.6.1 Exchange ID . B.6.2 Content Length B.6.3 Content Fields . B.6.3.1 My SA-ID . B.6.3.2 Old Your SA- ID B.6.3.3 B.6.3.4 Authentication Digital Signature, Certificate B.6.3.5 Service Selection . B.6.3.6 SA Re

29、jection Reason B.6.3.7 SA AborilRekase Reason . B.6.3.8 Label . 3.6.3.9 Key Selection B.6.3.10 SA Flags 13.6.3.1 1 ASSR . Annex C - An example of an agreed set of security rules (ASSR) . Annex D - Overview of Em Algorithm Request to Initiate the SA-Protocol B.5.2 B.6 Key Token 1. Key Token 2. Key To

30、ken 3, and Key Token 4 Page 34 34 35 35 35 36 37 37 38 38 39 39 39 39 40 40 40 40 40 40 41 41 41 42 42 43 43 43 44 44 44 44 45 45 45 45 45 45 46 46 46 47 47 48 49 ITU-T Rec . X.274 (1994 E) iii Summary This Recommendation i International Standard specifies the protocol which can support the integrit

31、y, confidentiality, authentication and access control services identified in the OS1 security model as relevant to the transport layer. The protocol supports these services through the use of cryptographic mechanisms, security labelling and assigned attributes, such as cryptographic keys. iv ITU-T R

32、ec X.274 (1994 E) ITU-T RECMN*X-274 94 4862593 O596970 b97 = Foreword IS0 (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of IS0 and IEC participat

33、e in the development of International Standards through technical committees established by the respective organizations, governmental and non-governmental, in liaison with IS0 and EC, also take part in the work. In the field of information technology, IS0 and IEC have established a joint technical

34、committee ISO/IEC JTC1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75% of the national bodies casting a vote. International Standard ISO/IEC 10736 was prep

35、ared by Joint Technical Committee ISO/IEC JTC1, Information technology - Sub-committee 6 - Telecommunications and information exchange between systems. Annex A and B form integral parts of this International Standard. Annex C and D are for information only. ITU-T Rec. X.274 (1994 E) V Introduction T

36、he transport protocol specified in IT-T Rec. X224 I ISO/IEC 8073 provides the connection oriented transport service described in -T Rec. 234 I ISO/IEC 8072. The transport protocol specified in ITU-T Rec. 234 I IS0 8602 provides the connectionless-mode transport service described in IS0 807UAD1. This

37、 Recommendation I International Standard specifies optional additional functions to IW-T Rec. X.224 I ISO/IEC 8073 and ITU-T Rec. X.234 I IS0 8602 permitting the use of cryptographic techniques to provide data protection for transport connections or for connectionless-mode TPDU transmission. Annex A

38、 and B form integral parts of this International Standard. Annex C and D are for information only. vi ITU-T Rec X.274 (1994 E) ITU-T RECNN*X-274 94 = 48b259L 059b972 4bT . ISO/zEC 10736-3 : 1995 (E) INTERNATIONAL STANDARD ITU-T RECOMMENDATION INFORMATION TECHNOLOGY - TELECOMMUNICATION AND INFORMATIO

39、N EXCHANGE BETWEEN SYSTEMS - TRANSPORT LAYER SECURITY PROTOCOL 1 Scope The procedures specified in this Recommendation I International Standard operate as extensions to those defined in -T Rec. X.224 I ISOAEC 8073 and ITU-T Rec. X.234 I IS0 8602 and do not preclude unprotected communication between

40、transport entities implementing ITU-T Rec. X.224 I ISO/IEC 8073 or ITU-T Rec. X.234 1 IS0 8602. The protection achieved by the security protocol defined in this Recommendation I Intemational Standard depends on the proper operation of security management including key management. However, this Recom

41、mendation I International Standard does not speci the management functions and protocols needed to support this security protocol. This protocol can support all the integrity, confidentiality, authentication and access control services identified in CCm Rec. X.800 I IS0 7498-2 as relevant to the tra

42、nsport layer. The protocol supports these services through use of cryptographic mechanisms, security labelling and attributes, such as keys and authenticated identities, pre-established by security management or established through the use of the Security Association - Protocol (SA-P). Protection ca

43、n be provided only within the context of a security policy. This protocol supports peer-entity authentication at the time of connection establishment. In addition, rekeying is supported within the protocol through the use of SA-P or through means outside the protocol. Security associations can only

44、be established within the context of a security policy. It is a matter for the users to establish their own security policy, which may be constrained by the procedures specified in this Recommendation I Intemational Standard. The following items could be included in a Security Policy: the method of

45、SA establishmenthelease, the lifetime of SA; AuthenticationlAccess Control mechanisms; Label mechanism; the procedure of the receiving aninvalid TPDU during SA establishment procedure or transmission of protected PDU; the lifetime of Key; the interval of the rekey procedure in order to update key an

46、d security control information (SCI) exchange procedure; the time out of SCI exchange and rekey procedure; the number of retries of sci exchange and rekey procedure. This Recommendation I International Standard defines a protocol which may be used for Security Association establishment. Entities wis

47、hing to establish an SA must share common mechanisms for authentication and key distribution. This Recommendation I International Standard specifies one algorithm for authentication and key distribution which is based on public key crypto systems. The implementation of this algorithm is not mandator

48、y; however, when an alternative mechanism is used, it shall satisfy the following conditions: a) b) Derived keys are authenticated. All SA attributes defined in 5.2 are derived. ITU-T Rec. X.274 (1994 E) 1 - ITU-T RECMN*X.274 94 4862592 059b973 3Tb M ISO/IEC 10736-4 1995 (E) 2 Normative references T

49、he following Recommendations and International Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation I International Standard. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this Recommendation I International Standard are encouraged to investigate the possibility of applying the most recent editions of the standards listed below. Members of IEC and IS0 maintain r