ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf

上传人:terrorscript155 文档编号:436264 上传时间:2018-11-14 格式:PDF 页数:132 大小:1.84MB
下载 相关 举报
ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf_第1页
第1页 / 共132页
ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf_第2页
第2页 / 共132页
ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf_第3页
第3页 / 共132页
ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf_第4页
第4页 / 共132页
ANSI INCITS ISO IEC 18033-2-2006 Information technology Security techniques Encryption algorithms Part 2 Asymmetric ciphers.pdf_第5页
第5页 / 共132页
亲,该文档总共132页,到这儿已超出免费预览范围,如果喜欢就下载吧!
资源描述

1、INCITS/ISO/IEC 18033-2:20062008 (/ISO/IEC 18033-2:2006, IDT) Information technology Security techniques Encryption algorithms Part 2: Asymmetric ciphersINCITS/ISO/IEC 18033-2:20062008 (ISO/IEC 18033-2:2006, IDT)ITS/ISO/IEC 18033-2:20062008 ii ITIC 2008 All rights reserved PDF disclaimer This PDF fil

2、e may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the

3、responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-cr

4、eation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational

5、Committee for Information Technology Standards) as an American National Standard. Date of ANSI Approval: 7/1/2008 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2008 by Information Technology Industry Council (ITI). All rights reserved. Th

6、ese materials are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for resale. No part of this publication may be repr

7、oduced in any form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of America iiiContentsPage1 Scope . . . . . . . . . .

8、 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Normative references . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Deflnitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Symbols and notation . . . . . . .

9、. . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Mathematical conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85.1 Functions and algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85.2 Bit strings and octet strings . . . . . . . . . . . . .

10、 . . . . . . . . . . . . . . . . 95.3 Finite Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105.4 Elliptic curves . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146.1 Cryptograp

11、hic hash functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146.2 Key derivation functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156.3 MAC algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166.4 Block ciphers . . . . . . . . . . .

12、 . . . . . . . . . . . . . . . . . . . . . . . . . . 166.5 Symmetric ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Asymmetric ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197.1 Plaintext length . . . . . . . . . . . . . . . . . . .

13、 . . . . . . . . . . . . . . . . 207.2 The use of labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217.3 Ciphertext format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217.4 Encryption options . . . . . . . . . . . . . . . . . . . . . . . . . . . .

14、. . . . . . 217.5 Method of operation of an asymmetric cipher . . . . . . . . . . . . . . . . . . . 227.6 Allowable asymmetric ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 Generic hybrid ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228.1 Key en

15、capsulation mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . 238.2 Data encapsulation mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . 248.3 HC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 Constructions of data encapsulation me

16、chanisms . . . . . . . . . . . . . . . . . . . . 269.1 DEM1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269.2 DEM2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279.3 DEM3 . . . . . . . . . . . . . . . . . . . . . . . . . . .

17、. . . . . . . . . . . . . . 2810 ElGamal-based key encapsulation mechanisms . . . . . . . . . . . . . . . . . . . . . 3010.1 Concrete groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3010.2 ECIES-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

18、. 3210.3 PSEC-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3410.4 ACE-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3611 RSA-based asymmetric ciphers and key encapsulation mechanisms . . . . . . . . . . 3911.1 RSA key generation algo

19、rithms . . . . . . . . . . . . . . . . . . . . . . . . . . . 3911.2 RSA Transform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4011.3 RSA encoding mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4011.4 RSAES . . . . . . . . . . . . . . . . . . . . . .

20、. . . . . . . . . . . . . . . . . . 4211.5 RSA-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4412 Ciphers based on modular squaring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45Cryptographic transformationsINCITS/ISO/IEC 18033-2:20062008 ITIC 2008 All r

21、ights reservediv 12.1HIMEkeygenerationalgorithms4512.2 HIME encoding mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4612.3 HIME(R) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48AnnexA(normative)ASN.1syntaxforobjectidentiflers.51Annex B (informati

22、ve) Security considerations . . . . . . . . . . . . . . . . . . . . . . . 61B.1 MAC algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61B.2 Block ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62B.3 Symmetric ciphers . . . . . . . . .

23、 . . . . . . . . . . . . . . . . . . . . . . . . . 62B.4 Asymmetric ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63B.5 Key encapsulation mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . 65B.6 Data encapsulation mechanisms . . . . . . . . . . . . . . . . .

24、 . . . . . . . . . 66B.7 Security of HC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68B.8 Intractability assumptions related to concrete groups . . . . . . . . . . . . . . . 68B.9 Security of ECIES-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69B.10 Sec

25、urity of PSEC-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71B.11 Security of ACE-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71B.12 The RSA inversion problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72B.13 Security of RSAES . . . . . . .

26、 . . . . . . . . . . . . . . . . . . . . . . . . . . . 73B.14 Security of RSA-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73B.15 Security of HIME(R) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74Annex C (informative) Test vectors . . . . . . . . . . . . .

27、. . . . . . . . . . . . . . . . . 75C.1 Test vectors for DEM1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75C.2 Test vectors for ECIES-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76C.3 Test vectors for PSEC-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . .

28、 83C.4 Test vectors for ACE-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91C.5 Test vectors for RSAES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100C.6 Test vectors for RSA-KEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105C.7 Test vectors for HC .

29、. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109C.8 Test vectors for HIME(R) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123INCITS/ISO/IEC 18033-2:20062008 ITIC 20

30、08 All rights reservedvForewordISO (the International Organization for Standardization) and IEC (the International ElectrotechnicalCommission) form the specialized system for worldwide standardization. National bodies that aremembers of ISO or IEC participate in the development of International Stan

31、dards through technicalcommittees established by the respective organization to deal with particular fields of technicalactivity. ISO and IEC technical committees collaborate in fields of mutual interest. Otherinternational organizations, governmental and non-governmental, in liaison with ISO and IE

32、C, alsotake part in the work. In the field of information technology, ISO and IEC have established a jointtechnical committee, ISO/IEC JTC 1.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives,Part 2.The main task of the joint technical committee is to pr

33、epare International Standards. DraftInternational Standards adopted by the joint technical committee are circulated to national bodies forvoting. Publication as an International Standard requires approval by at least 75 % of the nationalbodies casting a vote.ISO/IEC 18033-2 was prepared by Joint Tec

34、hnical Committee ISO/IEC JTC 1, Informationtechnology, Subcommittee SC 27, IT Security techniques.ISO/IEC 18033 consists of the following parts, under the general title Information technology Security techniques Encryption algorithms: Part 1: General Part 2: Asymmetric ciphers Part 3: Block ciphers

35、Part 4: Stream ciphersINCITS/ISO/IEC 18033-2:20062008 ITIC 2008 All rights reservedvi The International Organization for Standardization (ISO) and International ElectrotechnicalCommission (IEC) draw attention to the fact that it is claimed that compliance with this InternationalStandard may involve

36、the use of patents.The ISO and IEC take no position concerning the evidence, validity and scope of this patent right.The holder of this patent right has assured the ISO and IEC that he is willing to negotiate licencesunder reasonable and non-discriminatory terms and conditions with applicants throug

37、hout the world.In this respect, the statement of the holder of this patent right is registered with the ISO and IEC.Information may be obtained from:ISO/IEC JTC 1/SC 27 Standing Document 8 (SD8) “Patent Information“Standing Document 8 (SD8) is publicly available at: http:/www.ni.din.de/sc27Attention

38、 is drawn to the possibility that some of the elements of this International Standard may bethe subject of patent rights other than those identified above. ISO and IEC shall not be heldresponsible for identifying any or all such patent rights.IntroductionINCITS/ISO/IEC 18033-2:20062008 ITIC 2008 All

39、 rights reserved1Information technology Security techniques Encryption algorithms Part 2: Asymmetric ciphers 1 Scope This part of ISO/IEC 18033 specifies several asymmetric ciphers. These specifications prescribe the functional interfaces and correct methods of use of such ciphers in general, as wel

40、l as the precise functionality and cipher text format for several specific asymmetric ciphers (although conforming systems may choose to use alternative formats for storing and transmitting cipher-texts). A normative annex (Annex A) gives ASN.1 syntax for object identifiers, public keys, and paramet

41、er structures to be associated with the algorithms specified in this part of ISO/IEC 18033. However, these specifications do not prescribe protocols for reliably obtaining a public key, for proof of possession of a private key, or for validation of either public or private keys; see ISO/IEC 11770-3

42、for guidance on such key management issues. The asymmetric ciphers that are specified in this part of ISO/IEC 18033 are indicated in Clause 7.6. NOTE Briefly, the asymmetric ciphers are: ECIES-HC; PSEC-HC; ACE-HC: generic hybrid ciphers based on ElGamal encryption; RSA-HC: a generic hybrid cipher ba

43、sed on the RSA transform; RSAES: the OAEP padding scheme applied to the RSA transform; HIME(R): a scheme based on the hardness of factoring. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited

44、applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 9797-1:1999, Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher ISO/IEC 9797-2:2002, Information technology S

45、ecurity techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function ISO/IEC 10118-2:2000, Information technology Security techniques Hash-functions Part 2: Hash-functions using an n-bit block cipher ISO/IEC 10118-3:2004, Information technology Security technique

46、s Hash-functions Part 3: Dedicated hash-functions ISO/IEC 18033-3:2005, Information technology Security techniques Encryption algorithms Part 3: Block ciphers AAMERICAN NATIONAL STANDARD INCITS/ISO/IEC 18033-2:20062008 ITIC 2008 All rights reserved2 3 Definitions For the purposes of this document, t

47、he following terms and definitions apply.NOTE Where appropriate, forward references are given to clauses which contain more detailed definitions and/or further elaboration. 3.1 asymmetric cipher system based on asymmetric cryptographic techniques whose public transformation is used for encryption an

48、d whose private transformation is used for decryption ISO/IEC 18033-1 NOTE See Clause 7. 3.2 asymmetric cryptographic technique cryptographic technique that uses two related transformations, a public transformation (defined by the public key) and a private transformation (defined by the private key)

49、. The two transformations have the property that, given the public transformation, it is computationally infeasible to derive the private transformation. ISO/IEC 11770-1:1996 3.3 asymmetric key pair pair of related keys, a public key and a private key, where the private key defines the private transformation and the public key defines the public transformation ISO/IEC 9798-1:1997 NOTE See Clauses 7, 8.1. 3.4 bit one of the two symbols 0 or 1 NOTE See

展开阅读全文
相关资源
  • ANSI Z97 1-2009 American National Standard for Safety Glazing Materials used in Buildings - Safety Performance Specifications and Methods of Test《建筑物中窗用玻璃材料安全性用.pdfANSI Z97 1-2009 American National Standard for Safety Glazing Materials used in Buildings - Safety Performance Specifications and Methods of Test《建筑物中窗用玻璃材料安全性用.pdf
  • ANSI Z97 1 ERTA-2010 Re ANSI Z97 1 - 2009 Errata《修订版 美国国家标准学会Z97 1-2009标准的勘误表》.pdfANSI Z97 1 ERTA-2010 Re ANSI Z97 1 - 2009 Errata《修订版 美国国家标准学会Z97 1-2009标准的勘误表》.pdf
  • ANSI Z21 40 2a-1997 Gas-Fired Work Activated Air-Conditioning and Heat Pump Appliances (Same as CGA 2 92a)《燃气、工作激活空气调节和热泵器具(同 CGA 2 92a)》.pdfANSI Z21 40 2a-1997 Gas-Fired Work Activated Air-Conditioning and Heat Pump Appliances (Same as CGA 2 92a)《燃气、工作激活空气调节和热泵器具(同 CGA 2 92a)》.pdf
  • ANSI Z124 9-2004 American National Standard for Plastic Urinal Fixtures《塑料小便器用美国国家标准》.pdfANSI Z124 9-2004 American National Standard for Plastic Urinal Fixtures《塑料小便器用美国国家标准》.pdf
  • ANSI Z124 4-2006 American National Standard for Plastic Water Closet Bowls and Tanks《塑料抽水马桶和水箱用美国国家标准》.pdfANSI Z124 4-2006 American National Standard for Plastic Water Closet Bowls and Tanks《塑料抽水马桶和水箱用美国国家标准》.pdf
  • ANSI Z124 3-2005 American National Standard for Plastic Lavatories《塑料洗脸盆用美国国家标准》.pdfANSI Z124 3-2005 American National Standard for Plastic Lavatories《塑料洗脸盆用美国国家标准》.pdf
  • ANSI T1 659-1996 Telecommunications - Mobility Management Application Protocol (MMAP) RCF-RACF Operations《电信 可移动管理应用协议(MMAP) RCF-RACF操作》.pdfANSI T1 659-1996 Telecommunications - Mobility Management Application Protocol (MMAP) RCF-RACF Operations《电信 可移动管理应用协议(MMAP) RCF-RACF操作》.pdf
  • ANSI T1 651-1996 Telecommunications – Mobility Management Application Protocol (MMAP)《电信 可移动性管理应用协议》.pdfANSI T1 651-1996 Telecommunications – Mobility Management Application Protocol (MMAP)《电信 可移动性管理应用协议》.pdf
  • ANSI T1 609-1999 Interworking between the ISDN User-Network Interface Protocol and the Signalling System Number 7 ISDN User Part《电信 ISDN用户间网络接口协议和7号信令系统ISDN用户部分.pdfANSI T1 609-1999 Interworking between the ISDN User-Network Interface Protocol and the Signalling System Number 7 ISDN User Part《电信 ISDN用户间网络接口协议和7号信令系统ISDN用户部分.pdf
  • ANSI T1 605-1991 Integrated Services Digital Network (ISDN) - Basic Access Interface for S and T Reference Points (Layer 1 Specification)《综合服务数字网络(ISDN) S和T基准点的.pdfANSI T1 605-1991 Integrated Services Digital Network (ISDN) - Basic Access Interface for S and T Reference Points (Layer 1 Specification)《综合服务数字网络(ISDN) S和T基准点的.pdf
  • 猜你喜欢
    相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > ANSI

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1