ANSI-X9.44-2007.pdf
《ANSI-X9.44-2007.pdf》由会员分享,可在线阅读,更多相关《ANSI-X9.44-2007.pdf(208页珍藏版)》请在三一文库上搜索。
1、i ASC X9 Inc., 2007 all rights reserved American National Standard for Financial Services ANSI X9.442007 Public-Key Cryptography for the Financial Services Industry Key Establishment Using Integer Factorization Cryptography Accredited Standards Committee X9, Incorporated Financial Industry Standards
2、 Date Approved: August 24, 2007 American National Standards Institute Copyright American National Standards Institute Provided by IHS under license with ANSI Licensee=IHS Employees/1111111001, User=Japan, IHS Not for Resale, 12/18/2007 00:29:18 MSTNo reproduction or networking permitted without lice
3、nse from IHS -,-,- ANSI X9.44- 2007 ii ASC X9 Inc., 2007 all rights reserved Contents Page Foreword. vii Introduction. viii 1 Scope . 1 2 Normative references. 2 3 Terms and definitions. 2 4 Symbols and abbreviated terms . 7 5 Overview and organization 14 5.1 General. 14 5.2 Compatibility modes. 15
4、5.3 Organization 15 6 Security levels. 16 7 Data conversion primitives 17 7.1 Overview 17 7.2 Integer to Octet String Primitive (I2OSP) 17 7.3 Octet String to Integer Primitive (OS2IP) . 18 8 Components from other X9 sources. 19 8.1 Overview 19 8.2 Random number (bit) generators (RNGs) 19 8.3 Prime
5、number generators 19 8.4 Primality testing methods 19 8.5 Hash functions 20 8.6 Message authentication codes 20 8.7 Symmetric key-wrapping schemes. 22 8.8 Signature schemes with appendix 22 9 Additional components 23 9.1 Overview 23 9.2 Mask generation functions 23 9.2.1 Overview 23 9.2.2 MGF1 23 9.
6、3 Key derivation functions 24 9.3.1 Overview 24 9.3.2 KDF2/KDF3 25 10 Public-key components . 27 10.1 Overview 27 10.2 RSA key pairs 27 10.3 RSA key pair generators 28 10.3.1 RSAKPG1 family: RSA key pair generation with a fixed public exponent 29 10.3.2 RSAKPG2: RSA key pair generation with a random
7、 public exponent 32 10.4 RSA key pair validation 35 10.4.1 Overview 35 10.4.2 RSAKPV1: RSA Key Pair Validation with a Fixed Exponent 36 10.4.3 RSAKPV2: RSA Key Pair Validation with a Random Exponent. 39 10.5 Partial public-key validation and plausibility tests . 43 10.5.1 Overview 43 Copyright Ameri
8、can National Standards Institute Provided by IHS under license with ANSI Licensee=IHS Employees/1111111001, User=Japan, IHS Not for Resale, 12/18/2007 00:29:18 MSTNo reproduction or networking permitted without license from IHS -,-,- ANSI X9.442007 ASC X9 Inc., 2007 all rights reserved iii 10.5.2 Pl
9、ausible Size Tests44 10.5.3 Plausible size and value tests44 10.6 Encryption and decryption primitives.46 10.6.1 Overview.46 10.6.2 RSAEP 46 10.6.3 RSADP47 10.7 Asymmetric encryption schemes49 10.7.1 Overview.49 10.7.2 RSAES-OAEP.49 10.7.3 RSAES-KEM-KWS .56 10.8 Secret-value encapsulation scheme .60
10、 10.8.1 Overview.60 10.8.2 RSASVES161 11 Key management considerations for public and private keys.63 11.1 Overview.63 11.2 Public-key distribution63 11.3 Assurance of possession of the private key associated with the public key.63 11.4 Key usage.63 11.5 Assurances of key pair and public-key validit
11、y .64 11.5.1 Owner assurances of key pair validity64 11.5.2 User assurances of public-key validity.66 12 Key confirmation .67 12.1 Overview.67 12.2 Operation68 12.3 MAC data68 13 Key agreement schemes 69 13.1 Overview.69 13.2 KAS1 family: Key agreement based on secret-value encapsulation.70 13.2.1 O
12、verview.70 13.2.2 Common components.70 13.2.3 kas1-basic 72 13.2.4 kas1-responder-confirmation.74 13.2.5 kas1-bilateral-confirmation.76 13.2.6 kas1-bilateral-confirmation-initiator-authentication79 14 Key transport schemes.82 14.1 Overview.82 14.2 KTS1 family: Key transport based on asymmetric encry
13、ption.82 14.2.1 Overview.82 14.2.2 Common components.82 14.2.3 kts1-basic.84 14.2.4 kts1-receiver-confirmation .86 Annex A (normative) Compatibility Components 89 A.1 Overview.89 A.2 US-ASCII to Octet String Primitive (ASC2OSP)89 A.3 PRF-TLS89 A.4 RSA Signature Primitive (RSASP) .91 A.5 RSA Verifica
14、tion Primitive (RSAVP) 91 A.6 RSAES-PKCS1-v1_592 A.6.1 Overview.92 A.6.2 Encryption operation 92 A.6.3 Decryption operation 93 A.7 RSASVES-TLS95 Copyright American National Standards Institute Provided by IHS under license with ANSI Licensee=IHS Employees/1111111001, User=Japan, IHS Not for Resale,
15、12/18/2007 00:29:18 MSTNo reproduction or networking permitted without license from IHS -,-,- ANSI X9.44- 2007 iv ASC X9 Inc., 2007 all rights reserved A.7.1 Overview 95 A.7.2 Generation operation 95 A.7.3 Recovery operation 96 A.8 RSASSA-TLS. 98 A.8.1 Overview 98 A.8.2 Signature operation 98 A.8.3
16、Verification operation. 99 Annex B (normative) ASN.1 Syntax 101 B.1 Overview 101 B.2 Useful types and definitions 101 B.3 Components from other X9 sources. 102 B.3.1 Overview 102 B.3.2 Hash functions 102 B.3.3 Message authentication codes 104 B.3.4 Symmetric key-wrapping schemes. 105 B.3.5 Signature
17、 schemes with appendix 106 B.4 Additional components 106 B.4.1 Overview 106 B.4.2 MGF1 106 B.4.3 KDF2. 107 B.4.4 KDF3. 107 B.5 Public-key components . 107 B.5.1 Overview 107 B.5.2 Public and private keys 107 B.5.3 RSAES-OAEP 109 B.5.4 RSAES-KEM-KWS. 110 B.5.5 RSASVES1. 111 B.6 Key establishment sche
18、mes 111 B.6.1 Overview 111 B.6.2 KAS1 family. 112 B.6.3 KTS1 family . 116 B.7 Compatibility components. 118 B.7.1 Overview 118 B.7.2 PRF-TLS. 118 B.7.3 RSAES-PKCS1-v1_5. 118 B.7.4 RSASVES-TLS. 119 B.7.5 RSASSA-TLS. 119 B.8 ASN.1 module 119 Annex C (informative) Security Considerations 132 C.1 Overvi
19、ew 132 C.2 RSA Problem. 132 C.3 Integer factoring 134 C.4 RSA key pairs 135 C.4.1 Overview 135 C.4.2 Key size 135 C.4.3 Prime factors. 135 C.4.4 Public exponent 136 C.4.5 Private exponent. 137 C.4.6 Private-key representation. 137 C.5 Public-key techniques 137 C.5.1 Encryption and decryption primiti
20、ves 137 C.5.2 Asymmetric encryption schemes . 137 C.5.3 Secret-value encapsulation schemes. 138 C.5.4 Signature schemes with appendix 139 C.6 Key establishment schemes 139 C.6.1 KAS1 family. 141 Copyright American National Standards Institute Provided by IHS under license with ANSI Licensee=IHS Empl
21、oyees/1111111001, User=Japan, IHS Not for Resale, 12/18/2007 00:29:18 MSTNo reproduction or networking permitted without license from IHS -,-,- ANSI X9.442007 ASC X9 Inc., 2007 all rights reserved v C.6.2 KTS1 family142 C.7 Side-channel attacks.142 C.8 Hash Functions143 Annex D (informative) Assuran
22、ce of Validity for RSA Public Keys 144 D.1 Introduction144 D.2 Assurance through validation144 D.3 Motivations for checking public keys .145 D.4 Relying on other parties .146 D.5 Full public-key validation147 Annex E (informative) TLS Profile of KAS1 Family149 E.1 Overview.149 E.2 TLS handshake with
23、 server authentication149 E.3 TLS handshake with mutual authentication.152 E.4 Summary of TLS messages153 E.5 Recommended enhancements.154 E.6 Assurance of public-key validity in TLS .155 Annex F (informative) ANS X9.73 and S/MIME CMS Profile of KTS1 Family.156 F.1 Overview.156 F.2 kts1-basic parame
24、ters.156 F.3 Summary of protocol fields156 F.4 Recommended enhancements.157 Annex G (informative) Supporting Algorithms.159 G.1 Greatest common divisor.159 G.2 Least common multiple 160 G.3 Modular inverse.160 G.4 Prime factor recovery162 G.5 Enhanced Miller-Rabin Provable Compositeness / Probabilis
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ANSI X9 44 2007
链接地址:https://www.31doc.com/p-3729392.html