Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 21078.4-2023 English PDF

US$119.00 ยท In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 21078.4-2023: Financial services - Personal Identification Number (PIN) management and security - Part 4: Approved algorithms for PIN encipherment
Status: Valid
Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 21078.4-2023119 Add to Cart 3 days Financial services - Personal Identification Number (PIN) management and security - Part 4: Approved algorithms for PIN encipherment Valid

Similar standards

JR/T 0197   JR/T 0154   GB/T 19584   GB/T 21078.1   GB/T 21079.1   GB/T 21079.2   

Basic data

Standard ID: GB/T 21078.4-2023 (GB/T21078.4-2023)
Description (Translated English): Financial services - Personal Identification Number (PIN) management and security - Part 4: Approved algorithms for PIN encipherment
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: A11
Classification of International Standard: 35.240.40
Word Count Estimation: 6,693
Date of Issue: 2023-03-17
Date of Implementation: 2023-03-17
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 21078.4-2023: Financial services - Personal Identification Number (PIN) management and security - Part 4: Approved algorithms for PIN encipherment


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.240.40 CCSA11 National Standards of People's Republic of China Financial Services PIN Management and Security Part 4.Approved PIN Encryption Algorithms encipherment, MOD] Released on 2023-03-17 2023-03-17 Implementation State Administration for Market Regulation Released by the National Standardization Management Committee

table of contents

Preface I Introduction II 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Triple Data Encryption Algorithm 1 4.1 Definition 1 4.2 Use 1 5 RSA encryption algorithm 2 5.1 Definition 2 5.2 Use 2 6 AES encryption algorithm 2 6.1 Definition 2 6.2 Use 2 7 SM4 Block Cipher Algorithm 2 7.1 Definition 2 7.2 Use 2

foreword

This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules for Standardization Documents" drafting. This document is part 4 of GB/T 21078.GB/T 21078 has issued the following parts. ---Financial Services Personal Identification Number Management and Security Part 1.PIN Basic Principles and Requirements Based on Card System (GB/T 21078.1); --- Banking Personal Identification Number Management and Security Part 3.Guidelines for PIN Processing in Open Networks (GB/T 21078.3); --- Financial Services Personal Identification Number Management and Security Part 4.Approved PIN Encryption Algorithms (GB/T 21078.4). This document is modified to adopt ISO 9564-2.2014 "Financial Services Personal Identification Number Management and Security Part 2.Approved PIN plus Encryption Algorithm". Compared with ISO 9564-2.2014, this document has made the following structural adjustments. --- Increased "Terms and Definitions" chapter (see Chapter 3). The technical differences between this document and ISO 9564-2.2014 and the reasons are as follows. --- Changed the normative reference documents, and replaced ISO 9564-1 with GB/T 21078.1-2023 (see Chapter 2) to adapt to my country's Technical conditions; --- The SM4 block cipher algorithm (see Chapter 7) has been added to adapt to domestic practical applications. The following editorial changes have been made to this document. --- Added notes on the definition and use of the algorithm to facilitate reading. Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents. This document is under the jurisdiction of the National Financial Standardization Technical Committee (SAC/TC180). This document was drafted by. China UnionPay Co., Ltd., Beijing UnionPay Gold Card Technology Co., Ltd., Agricultural Bank of China Co., Ltd. company. The main drafters of this document. Zhao Hai, Tang Yang, Yuan Sisi, Zhang Yanchao, Tan Yifu, Liu Gang, Ma Jun, Wang Peng.

Introduction

GB/T 21078 aims to specify the basic principles and requirements of PIN management and security in financial services, and is intended to be composed of three parts. --- "Financial Services Personal Identification Number Management and Security Part 1.Basic Principles and Requirements of PIN Based on Card System" (GB/T 21078.1), which aims to provide the basic principles and techniques for the minimum security measures required for effective PIN management. --- "Management and Security of Personal Identification Numbers in Banking Services Part 3.Guidelines for PIN Processing in Open Networks" (GB/T 21078.3), aimed at Define minimum PIN security guidelines in an open network environment. --- "Financial Services Personal Identification Number Management and Security Part 4.Approved PIN Encryption Algorithms" (GB/T 21078.4), aimed at Define approved PIN encryption algorithms and requirements for their use. It has been more than ten years since the first part of GB/T 21078 was released in.2007.During this period, the application of PIN in financial services has continued to deepen. Changes have also taken place in the management and security requirements for PIN and related international standards. ---ISO 9564-1.2002 adopted by GB/T 21078.1-2007 was revised twice in.2011 and.2017. GB/T 21078.1-2007 was replaced by GB/T 21078.1-2023; ---GB/T 21078.2-2011 revised ISO 9564-3.2003 which was merged into ISO 9564-1 in.2011, ISO 9564-3.2003 has been abolished, and GB/T 21078.2-2011 is replaced by GB/T 21078.1-2023; ---GB/T 21078.3-2011 equivalently adopts ISO /T R9564-4.2004 to provide security for PIN in an open network environment Protect; --- This document is modified to adopt ISO 9564-2.2014 to supplement the blank of the approved PIN encryption algorithm and adapt to the continuously generated passwords Algorithm application new requirements. This document, on the basis of meeting the application requirements of international cryptographic algorithms, combined with the actual application of cryptographic algorithms in my country, includes the following Approval Algorithm for Password PIN. --- Triple data encryption algorithm; ---RSA encryption algorithm; ---AES encryption algorithm; --- SM4 block cipher algorithm. Financial Services PIN Management and Security Part 4.Approved PIN Encryption Algorithms

1 Scope

This document applies to the scenario where the PIN is encrypted and protected.

2 Normative references

The contents of the following documents constitute the essential provisions of this document through normative references in the text. Among them, dated references For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to this document. GB/T 21078.1-2023 Financial Services Personal Identification Number Management and Security Part 1.PIN Basic Principles Based on Card System Rules and requirements (ISO 9564-1.2017, MOD) GB/T 32907 Information Security Technology SM4 Block Cipher Algorithm ISO /IEC 18033-2 Information Technology Security Technology Encryption Algorithms Part 2.Asymmetric Cryptography (Information ISO /IEC 18033-3 Information Technology Security Technology Encryption Algorithms Part 3.Block Ciphers (Information

3 Terms and Definitions

This document does not have terms and definitions that need to be defined.

4 triple data encryption algorithm

4.1 Definition Describe the definition. Note. TDEA is a kind of symmetric algorithm. 4.2 use When using the TDEA defined by ISO /IEC 18033-3, the TDEA key option is 1 or 2 to GB/T 21078.1-2023 When encrypting the PIN data block described in, TDEA shall run on the Electronic Codebook (Electronic Codebook) specified in ISO /IEC 10116. CodeBook, ECB) mode (where the packet size n is 64). This encryption algorithm is only approved for formats 0, 1 and 3 of the PIN data block. Note. Please refer to 10.3.2 of GB/T 21078.1-2023 for the relevant content of PIN data block format 0, and see GB/T 21078.1-2023 for relevant content of format 1 ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 21078.4-2023_English be delivered?

Answer: Upon your order, we will start to translate GB/T 21078.4-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 21078.4-2023_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 21078.4-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.