GB/T 27909.3-2011 English PDFUS$509.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 27909.3-2011: Banking -- Key management (retail) -- Part 3: Asymmetric cryptosystems -- Key management and life cycle Status: Valid
Basic dataStandard ID: GB/T 27909.3-2011 (GB/T27909.3-2011)Description (Translated English): Banking -- Key management (retail) -- Part 3: Asymmetric cryptosystems -- Key management and life cycle Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: A11 Classification of International Standard: 35.240.40 Word Count Estimation: 22,288 Date of Issue: 2011-12-30 Date of Implementation: 2012-02-01 Quoted Standard: GB/T 27909.1; GB/T 27909.2; GB/T 17964-2000; GB/T 20547.2; GB/T 21078.1; GB/T 21079.1; ISO/IEC 9796-2-2002; ISO/IEC 10118-1; ISO/IEC 10118-2; ISO/IEC 10118-3; ISO/IEC 10118-4; ISO/IEC 11770-3; ISO/IEC 14888-3; ISO 15782-1-2003; ISO/IEC 15946-3-2002; ISO 16609-2004; ISO/IEC 18033-2; ANSI X9.42-2003 Adopted Standard: ISO 11568-4-2007, MOD Regulation (derived from): Announcement of Newly Approved National Standards No. 23 of 2011 Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China Summary: This standard specifies the retail financial services environment using asymmetric cryptographic mechanisms, symmetric and asymmetric key protection technology, but also describes the asymmetric key associated with the life cycle management. This section applies to technology meets the GB/T 27909. 1 principle described. This part of the retail financial services environment is limited to the interface between the following entities: card acceptance device and acquirers, acquirers and card issuer, Integrated Circuit Card (ICC) and the card acceptance device. GB/T 27909.3-2011: Banking -- Key management (retail) -- Part 3: Asymmetric cryptosystems -- Key management and life cycle---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. . Banking Key management (retail) Part 3. Asymmetric cryptosystems Key management and life cycle ICS 35.240.40 A11 National Standards of People's Republic of China Banking - Key management (retail) Part 3. asymmetric cryptosystem and Key management and life cycle Banking-Keymanagement (retail) - Part 3. Asymmetriccryptosystems-Keymanagementandlifecycle (ISO 11568-4.2007, MOD) Issued on. 2011-12-30 2012-02-01 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released Table of ContentsIntroduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions 2 4 Retail financial services system using asymmetrical cryptography 3 4.1 Overview 3 Creating and storing 4.2 symmetric key 3 4.3 asymmetric public key storage and distribution 3 4.4 Asymmetric private key storage and transport 3 5 Key Management Service provides technical 4 5.1 Overview 4 4 5.2 Key Encryption 5.3 Public Key Authentication 5 5.4 key separation technologies 5 6 5.5 Key Authentication 6 5.6 Key Integrity Technology 6 asymmetric key life cycle 7 The various stages of the life cycle of the key 7 6.1 6.2 Key Lifecycle --- generation phase 7 6.3 key storage 10 12 6.4 Public Key Distribution 6.5 asymmetric key pair transmission 12 Authenticity before use 14 6.6 6.7 14 6.8 14 revocation public key 6.9 Replacing 14 6.10 15 public failure 6.11 15 private Destruction 6.12 Delete the private key 15 Archive public key 15 6.13 6.14 terminate private key 15 6.15 Erase Summary 16 6.16 Optional lifecycle process 16 References 17ForewordGB/T 27909 "Banking - Key management (retail)" is divided into the following three parts. --- Part 1. General principles; --- Part 2. Symmetric ciphers and key management and life cycle; --- Part 3. asymmetric cryptography and key management and life cycle. This part of GB/T 27909 Part 3. This section drafted in accordance with GB/T 1.1-2009 given rules. The partial modification of international standard ISO 11568-4.2005 "Banking - Key management section (retail) 4. asymmetric cryptography System and its key management and life cycle "(in English). When adopting ISO 11568-4 made the following changes. --- Remove the "ISO 11568-4 Annex A approved algorithm." This section also made the following editorial changes. a) Normative references to international standards in the document referenced in corresponding national standards, references to the national standards; b) Delete ISO foreword. This section proposed by the People's Bank of China. This part of the National Standardization Technical Committee on Finance (SAC/TC180) centralized. This section is responsible for drafting units. China Financial Computerization Corporation. Participated in the drafting of this section. People's Bank of China, Industrial and Commercial Bank of China, Agricultural Bank of China, Bank of China, Bank of Communications, China Everbright Bank of China Unionpay. The main drafters of this section. Wang Ping baby, Lushu Chun, Li Shuguang, Zhao Zhilan, Zhouyi Peng, Zhao Hongxin, Cheng Guan, Liu Yao, Yu Guodong, Yangzeng Yu, Huang Faguo.IntroductionGB/T 27909 describes a process safety management in key retail financial services environment, such as the keys used to protect the acquirer Between the parties and the acceptance packet acquirer and card issuer between. This section describes the retail financial services sector in the applicable key management requirements, a typical type of service have sales/service points (POS) and ATM authorize borrowing record (ATM) transactions. When using the key management technology GB/T 27909 sections describe the combination can provide key management in GB/T 27909.1 described service. These services include. --- Key separation; --- Prevent the key replacement; --- Key authentication; --- Key Sync; --- Key Integrity; --- Key confidentiality; --- Key leak detection. This section describes the use of asymmetric cryptographic mechanisms, security key management involved in key life cycle. According to the standard Part 1 And this part of the key management principles, services and technologies described in this section also sets out the various stages of the life of the key requirements and implementations law. This section does not involve a symmetric cryptographic key management mechanism or life cycle, the contents of this aspect see GB/T 27909.2. This part of GB/T 27909, GB/T 21078.1, GB/T 20547, ISO 9564-2, ISO 9564-3, ISO 9564-4, ISO /T R19038 safety requirements, etc. One of the criteria described in the financial services sector. Banking - Key management (retail) Part 3. asymmetric cryptosystem and Key management and life cycle1 ScopeThis section provides retail financial services environment using asymmetric cryptographic mechanisms to protect technical symmetric and asymmetric keys, also described Associated with the asymmetric key lifecycle management. This section applies to technology in line with the principles GB/T 27909.1 described. This part of the retail financial services environment is limited to the interface between the following entities. --- Card acceptance device and the acquirer; --- Acquirer and card issuer; --- Integrated Circuit Card (ICC) and the card acceptance device.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB/T 27909.1 Banking - Key management (retail) - Part 1. General principles (GB/T 27909.1-2011, ISO 11568-1.2005, MOD) GB/T 27909.2 Banking - Key management (retail) - Part 2. Symmetric ciphers and key management and life cycle (GB/T 27909.2-2011, ISO 11568-2.2005, MOD) GB/T 17964-2000 Information security technology block cipher mode of operation (ISO /IEC 10116.1997, IDT) GB/T 20547.2 Banking Secure cryptographic devices (retail) - Part 2. Secure financial transactions for compliance could detect clear Single (GB/T 20547.2-2006, ISO 13491-2.2005, MOD) GB/T 21078.1 Banking Personal Identification Number management and security - Part 1. ATM and POS systems online PIN The basic principles and requirements for processing (GB/T 21078.1-2007, ISO 9564-1.2002, MOD) GB/T 21079.1 Banking Secure cryptographic devices (retail) - Part 1. Concepts, requirements and evaluation methods (GB/T 21079.1-2007, ISO 13491-1.1998, MOD) ISO /IEC 9796-2.2002 Information technology - Security technology message recovery signature scheme ISO /IEC 10118 (all parts), Information technology - Security techniques hash function Mechanisms using asymmetric techniques. ISO /IEC 11770-3 Information technology - Security techniques - Key management - Part 3 Signatures - Part 3 ISO /IEC 14888-3 Information technology - Security techniques - Appendix. the discrete logarithm based mechanisms ISO 15782-1.2003 Banking Certificate management - Part 1. Public key certificates ISO /IEC 15946-3.2002 Information technology - Security techniques - Cryptographic techniques based on elliptic curves - Part 3. Key generate ISO 16609.2004 Banking. using symmetric techniques packets certification requirements ISO /IEC 18033-2 Information technology - Security techniques - Encryption algorithms - Part 2. asymmetric cryptography Public key cryptography ANSIX9.42-2003 financial business use discrete logarithm password symmetric key agreement ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 27909.3-2011_English be delivered?Answer: Upon your order, we will start to translate GB/T 27909.3-2011_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 27909.3-2011_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 27909.3-2011_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
