1、 National Standard of CanadaCAN/CSA-ISO/IEC 10118-1:02(ISO/IEC 10118-1:2000)International Standard ISO/IEC 10118-1:2000 (second edition, 2000-06-15), has been adopted withoutmodification (IDT) as CSA Standard CAN/CSA-ISO/IEC 10118-1:02, which has been approved as a NationalStandard of Canada by the
2、Standards Council of Canada.ISBN 1-55324-701-9 March 2002Information technology Securitytechniques Hash-functions Part 1:GeneralTechnologies de linformation Techniques de scurit Fonctionsde brouillage Partie 1: GnralitsReference numberISO/IEC 10118-1:2000(E) ISO/IEC 2000The Canadian Standards Associ
3、ation (CSA), The Standards Council of Canada is theunder whose auspices this National Standard has been coordinating body of the National Standards system, produced, was chartered in 1919 and accredited by a federation of independent, autonomousthe Standards Council of Canada to the National organiz
4、ations working towards the furtherStandards system in 1973. It is a not-for-profit, development and improvement of voluntarynonstatutory, voluntary membership association standardization in the national interest.engaged in standards development and certification The principal objects of the Council
5、are to foster activities. and promote voluntary standardization as a means CSA standards reflect a national consensus of of advancing the national economy, benefiting theproducers and users including manufacturers, health, safety, and welfare of the public, assisting consumers, retailers, unions and
6、 professional and protecting the consumer, facilitating domestic organizations, and governmental agencies. The and international trade, and furthering internationalstandards are used widely by industry and commerce cooperation in the field of standards.and often adopted by municipal, provincial, and
7、 A National Standard of Canada is a standard whichfederal governments in their regulations, particularly in has been approved by the Standards Council ofthe fields of health, safety, building and construction, Canada and one which reflects a reasonableand the environment. agreement among the views o
8、f a number of capableIndividuals, companies, and associations across individuals whose collective interests provide to theCanada indicate their support for CSAs standards greatest practicable extent a balance ofdevelopment by volunteering their time and skills to representation of producers, users,
9、consumers, andCSA Committee work and supporting the Associations others with relevant interests, as may be appropriateobjectives through sustaining memberships. The more to the subject in hand. It normally is a standardthan 7000 committee volunteers and the 2000 which is capable of making a signific
10、ant and timelysustaining memberships together form CSAs total contribution to the national interest.membership from which its Directors are chosen. Approval of a standard as a National Standard ofSustaining memberships represent a major source of Canada indicates that a standard conforms to theincom
11、e for CSAs standards development activities. criteria and procedures established by the StandardsThe Association offers certification and testing Council of Canada. Approval does not refer to theservices in support of and as an extension to its technical content of the standard; this remains thestan
12、dards development activities. To ensure the continuing responsibility of the accreditedintegrity of its certification process, the Association standards-development organization.regularly and continually audits and inspects products Those who have a need to apply standards arethat bear the CSA Mark.
13、 encouraged to use National Standards of CanadaIn addition to its head office and laboratory complex whenever practicable. These standards are subject in Toronto, CSA has regional branch offices in major to periodic review; therefore, users are cautioned centres across Canada and inspection and test
14、ing to obtain the latest edition from the organizationagencies in eight countries. Since 1919, the preparing the standard.Association has developed the necessary expertise to The responsibility for approving National Standards meet its corporate mission: CSA is an independent of Canada rests with th
15、eservice organization whose mission is to provide an Standards Council of Canadaopen and effective forum for activities facilitating the 270 Albert Street, Suite 200exchange of goods and services through the use of Ottawa, Ontario, K1P 6N7standards, certification and related services to meet Canadan
16、ational and international needs.For further information on CSA services, write toCanadian Standards Association178 Rexdale BoulevardToronto, Ontario, M9W 1R3CanadaAlthough the intended primary application of this Standard is stated in its Scope, it is importantto note that it remains the responsibil
17、ity of the users to judge its suitability for their particular purpose.Registered trade-mark of Canadian Standards AssociationInformation technology Security techniques CAN/CSA-ISO/IEC 10118-1:02 Hash-functions Part 1: GeneralMarch 2002 Canadian Standards Association CSA/1CAN/CSA-ISO/IEC 10118-1:02I
18、nformation technology Securitytechniques Hash-functions Part 1: GeneralCSA PrefaceThis is the second edition of CSA Standard CAN/CSA-ISO/IEC 10118-1. It supersedes the previous editionpublished in 1996 (adoption of ISO/IEC 10118-1:1994).Standards development within the Information Technology sector
19、is harmonized with international standardsdevelopment. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve asthe Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology(ISO/IEC JTC1) for the Standards Council of Canada (SCC
20、), the ISO member body for Canada and sponsor ofthe Canadian National Committee of the IEC. Also, as a member of the International TelecommunicationUnion (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee(ITU-T).This International Standard was reviewed by
21、the CSA TCIT under the jurisdiction of the Strategic SteeringCommittee on Information Technology and deemed acceptable for use in Canada. (A committee membershiplist is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda,corrigenda, etc. The CSA TCIT wi
22、ll review these documents for approval and publication. For a listing, refer tothe CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. ThisStandard has been formally approved, without modification, by these Committees and has been approved as aNational Standa
23、rd of Canada by the Standards Council of Canada.March 2002 Canadian Standards Association 2002All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permission of thepublisher. ISO/IEC material is reprinted with permission. Where the words “this I
24、nternational Standard” appear in the text, theyshould be interpreted as “this National Standard of Canada”. Inquiries regarding this National Standard of Canada should be addressed to Canadian Standards Association 178 Rexdale Boulevard, Toronto, Ontario, Canada M9W 1R31-800-463-6727 416-747-4044www
25、.csa.caReference numberISO/IEC 10118-1:2000(E)ISO/IEC 2000INTERNATIONALSTANDARDISO/IEC10118-1Second edition2000-06-15Information technology Securitytechniques Hash-functions Part 1:GeneralTechnologies de linformation Techniques de scurit Fonctionsde brouillage Partie 1: GnralitsISO/IEC 10118-1:2000(
26、E)PDF disclaimerThis PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall notbe edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading thisfile, p
27、arties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in thisarea.Adobe is a trademark of Adobe Systems Incorporated.Details of the software products used to create this PDF file can be found in the General Info relative
28、to the file; the PDF-creation parameterswere optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely eventthat a problem relating to it is found, please inform the Central Secretariat at the address given below. ISO 2000All
29、rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronicor mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member bodyin the country of t
30、he requester.ISO copyright officeCase postale 56 Gb7 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 734 10 79E-mail copyrightiso.chWeb www.iso.chii ISO/IEC 2000 All rights reservedISO/IEC 10118-1:2000(E) ISO/IEC 2000 All rights reserved iiiForewordISO (the International Organization for Standard
31、ization) and IEC (the International Electrotechnical Commission)form the specialized system for worldwide standardization. National bodies that are members of ISO or IECparticipate in the development of International Standards through technical committees established by therespective organization to
32、 deal with particular fields of technical activity. ISO and IEC technical committeescollaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, inliaison with ISO and IEC, also take part in the work.International Standards are drafted in accordance
33、 with the rules given in the ISO/IEC Directives, Part 3.In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting.Publication as a
34、n International Standard requires approval by at least 75 % of the national bodies casting a vote.Attention is drawn to the possibility that some of the elements of this part of ISO/IEC 10118 may be the subject ofpatent rights. ISO and IEC shall not be held responsible for identifying any or all suc
35、h patent rights.International Standard ISO/IEC 10118-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informationtechnology, Subcommittee SC 27, IT Security techniques.This second edition cancels and replaces the first edition (ISO/IEC 10118-1:1994), which has been technicallyrevised to ad
36、d a general model for hash-functions. Note, however, that implementations which comply withISO/IEC 10118-1:1994 will be compliant with this edition of ISO/IEC 10118-1.ISO/IEC 10118 consists of the following parts, under the general title Information technology Securitytechniques Hash-functions:Gbe P
37、art 1: GeneralGbe Part 2: Hash-functions using an n-bit block cipher algorithmGbe Part 3: Dedicated hash-functionsGbe Part 4: Hash-functions using modular arithmeticAnnex A forms a normative part of this part of ISO/IEC 10118.INTERNATIONAL STANDARD ISO/IEC 10118-1:2000(E) ISO/IEC 2000 All rights res
38、erved 1Information technology Security techniques Hash-functions Part 1:General1 ScopeISO/IEC 10118 specifies hash-functions and is therefore applicable to the provision of authentication, integrity andnon-repudiation services. Hash-functions map arbitrary strings of bits to a fixed-length strings o
39、f bits, using aspecified algorithm. They can be used for- reducing a message to a short imprint for input to a digital signature mechanism, and- committing the user to a given string of bits without revealing this string.NOTE - The hash-functions specified in this part of ISO/IEC 10118 do not involv
40、e the use of secret keys. However,these hash-functions may be used, in conjunction with secret keys, to build message authentication codes.Message Authentication Codes (MACs) provide data origin authentication as well as message integrity. For thecalculation of a MAC the user is referred to ISO/IEC
41、9797.This part of ISO/IEC 10118 contains definitions, symbols, abbreviations and requirements, that are common to allthe other parts of ISO/IEC 10118.2 Normative referencesISO/IEC 9797 (all parts), Information technology Security techniques Message Authentication Codes (MACs).3 Terms and definitions
42、For the purposes of this part of ISO/IEC 10118, the following terms and definitions apply.3.1big-endiana method of storage of multi-byte numbers with the most significant bytes at the lowest memory addresses3.2collision-resistant hash-functiona hash-function satisfying the following property: it is
43、computationally infeasible to find any two distinct inputs whichmap to the same outputNOTE computational feasibility depends on the specific security requirements and environment.3.3data string (data)a string of bits which is the input to a hash-functionThe following normative documents contain prov
44、isions which, through reference in this text, constitute provisions ofthis part of ISO/IEC 10118. For dated references, subsequent amendments to, or revisions of, any of thesepublications do not apply. However, parties to agreements based on this part of ISO/IEC 10118 are encouraged toinvestigate th
45、e possibility of applying the most recent editions of the normative documents indicated below. Forundated references, the latest edition of the normative document referred to applies. Members of ISO and IECmaintain registers of currently valid International Standards.ISO/IEC 10118-1:2000(E)2 ISO/IEC
46、 2000 All rights reserved3.4hash-codethe string of bits which is the output of a hash-functionNOTE The literature on this subject contains a variety of terms that have the same or similar meaning as hash-code.Modification Detection Code, Manipulation Detection Code, digest, hash-result, hash-value a
47、nd imprint are some examples.3.5hash-functiona function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties:- it is computationally infeasible to find for a given output, an input which maps to this output;- it is computationally infeasible to find for
48、 a given input, a second input which maps to the same outputNOTE Computational feasibility depends on the specific security requirements and environment.3.6hash-function identifiera byte identifying a specific hash-function3.7initializing valuea value used in defining the starting point of a hash-fu
49、nction3.8output transformationa transformation or mapping of the output of the iteration stage to obtain the hash-code3.9paddingappending extra bits to a data string3.10round-functiona function f (.,.) that transforms two binary strings of lengths L1and L2to a binary string of length L2- it is usediteratively as part of a hash-function, where it combines a data string of length L1with the previous output of lengthL24 Symbols (and abbreviated terms)4.1 General SymbolsThroughout ISO/IEC 10118, the
