GB/T 15843.2-2017 PDF English (GB/T 15843.2-2024: Newer version)
Search result: GB/T 15843.2-2017 (GB/T 15843.2-2024 Newer Version)
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
| GB/T 15843.2-2024 | English | 529 |
Add to Cart
|
5 days
|
Cybersecurity technology - Entity authentication - Part 2: Mechanisms using authenticated encryption
| Valid |
| GB/T 15843.2-2017 | English | 230 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Information technology -- Security techniques -- Entity authentication -- Part 2: Mechanisms using symmetric encipherment algorithms
| Valid |
| GB/T 15843.2-2008 | English | 599 |
Add to Cart
|
3 days
|
Information technology -- Security techniques -- Entity authentication -- Part 2: Mechanisms using symmetric encipherment algorithm
| Obsolete |
| GB 15843.2-1997 | English | 559 |
Add to Cart
|
3 days
|
Information technology--Security techniques--Entity authentication--Part 2: Mechanisms using symmetric encipherment algorithms
| Obsolete |
PDF Preview: GB/T 15843.2-2017
GB/T 15843.2-2017: PDF in English (GBT 15843.2-2017) GB/T 15843.2-2017
Information technology - Security techniques - Entity authentication - Part 2.Mechanisms using symmetric encipherment algorithms
ICS 35.040
L80
National Standards of People's Republic of China
Replace GB/T 15843.2-2008
Information technology security technology entity authentication
Part 2.Mechanisms using symmetric encryption algorithms
2017-12-29 released
2018-07-01 implementation
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
Issued by China National Standardization Administration
Table of contents
Foreword Ⅰ
Introduction Ⅱ
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Symbols and abbreviations 2
5 Requirements 3
6 Mechanisms that do not involve trusted third parties 4
6.1 One-way authentication 4
6.1.1 Mechanism 1-Single Pass Authentication 4
6.1.2 Mechanism 2-Two-pass authentication 4
6.2 Mutual authentication 5
6.2.1 Mechanism 3-Two-pass authentication 5
6.2.2 Mechanism 4-Three pass authentication 6
7 Mechanisms involving trusted third parties 7
7.1 Mechanism 5-Four-pass authentication 7
7.2 Mechanism 6-Five pass authentication 8
Appendix A (normative appendix) OID and ASN.1 syntax 10
Appendix B (informative appendix) Use of text fields 12
Appendix C (informative appendix) Nature of entity authentication mechanism 13
Reference 14
Preface
GB/T 15843 "Information Technology Security Technology Entity Identification" has currently or plans to publish the following parts.
---Part 1.General Provisions;
---Part 2.The mechanism of using symmetric encryption algorithms;
---Part 3.The mechanism of using digital signature technology;
---Part 4.Using the mechanism of password verification function;
---Part 5.The mechanism of adopting zero-knowledge technology;
---Part 6.Using the mechanism of manual data transfer.
This part is Part 2 of GB/T 15843.
This section was drafted in accordance with the rules given in GB/T 1.1-2009.
This Part replaces GB/T 15843.2-2008 "Information Technology Security Technology Entity Authentication Part 2.Using Symmetric Encryption
Compared with GB/T 15843.2-2008, the main changes are as follows.
---In Chapter 3, a description of seven terms other than those defined in ISO /IEC 9798-1.1997 was added;
--- Separate the "symbols" in Chapter 3 into Chapter 4 "symbols and abbreviations";
---In Chapter 5 "Requirements", the requirements for verifying time-varying parameters have been added;
---Added two appendices. Appendix A and Appendix C.
The translation method used in this part is equivalent to ISO /IEC 9798-2.2008 "Information Technology Security Technical Entity Authentication Part 2.
Mechanism using symmetric encryption algorithm.
The Chinese documents that have consistent correspondence with the international documents cited in this section are as follows.
---GB/T 15843.1-2017 Information technology security technology entity identification Part 1.General (ISO /IEC 9798-1.
2010, IDT)
This section has made the following editorial changes.
---Include the content of ISO /IEC 9798-2.2008TECHNICALCORRIGENDUM3.2013;
---The number of parallel items is changed from "(1), (2)" to "a), b)".
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This part is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this section. Data and Communication Protection Research and Education Center of Chinese Academy of Sciences, Beijing Jiangnan Tianan Technology Co., Ltd., PwC
Letter Information Technology Co., Ltd.
The main drafters of this section. Xia Luning, Zhang Qionglu, Jing Jiwu, Zhu Jiaxiong, Xie Chao.
The previous releases of the standards replaced by this part are.
---GB/T 15843.2-1997, GB/T 15843.2-2008.
introduction
This part is equivalent to ISO /IEC 9798-2.2008 and its errata document ISO /IEC 9798-2.2008TECHNICALCOR-
RIGENDUM3, which is a subcommittee SC27 (Information Security Technology) of the ISO /IEC Joint Technical Committee JTC1 (Information Technology)
Drafted.
This part specifies the entity authentication mechanism using symmetric encryption algorithm, including one-way authentication mechanism and mutual authentication mechanism, and does not involve trusted
Third-party authentication mechanisms and authentication mechanisms involving trusted third parties, and provide requirements for these authentication mechanisms.
In the case of not involving a trusted third party, the one-way authentication mechanism includes one-pass authentication and two-pass authentication.
The system includes two pass authentication and three pass authentication. If a trusted third party is involved, the mutual authentication mechanism needs to be carried out four times or
Five passes.
All relevant content related to cryptographic algorithms in this section shall be implemented in accordance with relevant national regulations.
Information technology security technology entity authentication
Part 2.Mechanisms using symmetric encryption algorithms
1 Scope
This part of GB/T 15843 specifies an entity authentication mechanism using a symmetric encryption algorithm. Four of them are inaccessible between two entities
Trust the third-party authentication mechanism. Two of the four mechanisms are one-way authentication by one entity against another entity, and the other two are two-way authentication mechanisms.
Two entities authenticate each other. The rest of the mechanisms require a trusted third party to participate in order to establish a public secret key to achieve mutual or single
Entity identification.
The mechanisms specified in this section use time-varying parameters such as timestamps, serial numbers, or random numbers to prevent previously valid authentication information from being
Accepted or accepted multiple times.
If there is no trusted third party involved and a timestamp or serial number is used at the same time, the information only needs to be transmitted once for one-way authentication.
Mutual authentication needs to be sent twice. If there is no trusted third party involved and the challenge-response method using random numbers is used, one-way authentication
Don't need to transmit information twice, and for mutual authentication, you need to transmit three times. If there is a trusted third party involved, between an entity and the trusted third party
Any additional communication of the need to add two transfers in the communication exchange.
2 Normative references
The following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article
Pieces. For undated references, the latest version (including all amendments) applies to this document.
ISO /IEC 9798-1 Information Technology Security Technical Entity Authentication Part 1.General Rules
3 Terms and definitions
ISO /IEC 9798-1 and the following terms and definitions apply to this document.
3.1
Authenticated encryption
The (reversible) transformation of data through a cryptographic algorithm, once the generated ciphertext is replaced by an unauthorized entity, it can be detected
Come, that is to say, it provides protection of data confidentiality, data integrity and data origin authentication.
[ISO /IEC 19772.2009]
3.2
Ciphertext
Transformed data to hide its information content.
[ISO /IEC 10116.2006]
3.3
Claimant
An entity whose identity can be authenticated, including its functions and private data necessary for authentication interaction.
[ISO /IEC 9798-5.2004]
3.4
Message authentication code
Use the output bit string generated by the message authentication code algorithm.
Note. The message authentication code is sometimes called the password check value.
[GB/T 15852.1-2008]
3.5
Message authentication code algorithm
An algorithm that calculates bit strings and keys to obtain a fixed-length bit string has the following characteristics.
---For any key and any input string, it can be calculated effectively;
---For any fixed key, without any prior knowledge about this key, calculate the message of any new input string
The authentication code is computationally infeasible.
Note 1.The message authentication algorithm is sometimes called a password verification function (see the example of ISO 7498-2).
Note 2.The specific safety requirements and environment of the user since the feasibility of the calculation.
[GB/T 15852.1-2008]
3.6
Timestamp
A time-varying parameter that represents a point in time relative to a common time reference.
[ISO /IEC 18014-1.2008]
5 requirements
In the authentication mechanism specified in this section, the entity to be authenticated proves its identity by showing that it knows a secret authentication key. This can be done by
The entity uses its secret key to encrypt specific data. Any entity that shares the secret authentication key with it can decrypt the encrypted data.
dense. The decrypted data must contain time-varying parameters, which can be verified through the following methods.
1.If the time-varying parameter is a random number, then the receiver should ensure that it is equivalent to the random challenge sent by the claimant.
For the production and use, please refer to ISO /IEC 18031 and related national standards of the People’s Republic of China.
2.If the time-varying parameter is a timestamp, then the receiver should be able to verify the validity of the timestamp.
3.If the time-varying parameter is a serial number, the receiver should be able to compare it with the serial number previously received or stored to ensure that it is not replayed.
The authentication mechanism specified in this section has the following requirements. If any of them is not met, the authentication process will face potential attacks.
Or it cannot be completed successfully.
a) The claimant who confirms its identity to the verifier shall share a secret authentication secret with the verifier when applying the mechanism of Chapter 6
When applying the mechanism of Chapter 7, each entity should share a secret authentication key with a public trusted third party.
These keys should be known to all parties before the authentication mechanism is activated, and the methods used to do this have gone beyond
The scope of this section, regarding the management of shared keys, provides guidance in ISO /IEC 11770-1 and ISO /IEC 11770-2.
b) If a trusted third party is involved, it should be trusted by the claimant and verifier.
c) The secret authentication key shared by the claimant and verifier, or the secret authentication key shared by the entity and a trusted third party, should only be these two
Known by the party or other parties that both parties trust. If it is known to other parties that both parties trust, other parties should not misuse the key, that is, not
The key should be used by impersonating one of the parties.
Note. The choice of encryption algorithm and key lifetime should ensure that the key is calculated during its lifetime and it is computationally infeasible. In addition, when selecting
The key lifetime should also prevent known plaintext and selected plaintext attacks.
d) The token used in the mechanism cannot be forged even when the old token is known, that is, the old order under any circumstances
No cards should be partially or fully reused to construct new tokens. For any value of the secret key K, the encryption function eK and
The corresponding decryption function dK should have the following properties. When the decryption process dK is applied to the string eK(X), it should be able to
So that the receiver of the string can detect whether the data is forged or controlled, that is, only the secret key K is possessed
Only then can they generate strings that can be "accepted" through the decryption process dK.
Note. In practical applications, there are many ways to ensure the above properties. The recommended way is to provide confidentiality and integrity in a verified
The secret key K is used under the encryption technology of integrity protection, and the mechanism can be referred to ISO /IEC 19772.
e) The mechanism in this section requires the use of time-varying parameters, such as timestamps, serial numbers or random numbers. The characteristics of these parameters, especially its
They are extremely unlikely to be repeated in the life cycle of secret authentication keys, which is very important for the security of these mechanisms.
For more information about time-varying parameters, see Appendix B of ISO /IEC 9798-1.1997.
f) The secret authentication key used to implement any of the authentication mechanisms defined in this section should be distinguished from the keys used for other purposes.
g) In an authentication mechanism, if a data string is encrypted and used in multiple places, then it should not be combined so as to be interchangeable at these places of use.
Note. This can be restricted by including the following elements in each encrypted data string.
---The object identifier defined in Appendix A, especially the identifier that identifies the ISO standard, the serial number of this part and the identification mechanism number;
---The constant that uniquely identifies the encrypted data string in an authentication mechanism. If the mechanism contains only one encrypted data string, this constant can be omitted.
The recipient of the encrypted data string should verify the object identifier and the constant identifying the encrypted data string to confirm whether it matches the expected value.
h) In the mechanism defined in Chapter 7, the holder of the KAP or KBP key should always use the key in the same way, that is to say
As TPPP, either as entity A or B. This means that the key holder should not use the same key.
Participate as TPP in the authentication protocol execution instance, and participate as entity A or B in another execution instance of the authentication protocol.
6 Mechanisms that do not involve trusted third parties
Among these authentication mechanisms, entities A and B should share a public secret authentication key before starting the specific operation of the authentication mechanism
KAB, or two one-way secret keys KAB and KBA. In the subsequent examples, the one-way keys KAB and KBA are used by B to authenticate A
The sum is used by A to identify B.
All text fields specified in the following mechanisms are assigned meanings in specific authentication applications, and the description of these applications is beyond this section
range. These text fields can also be empty, and their relationship and content depend on the specific application. See Appendix B for the use of text fields.
6.1 One-way authentication
One-way authentication means that only one of the two entities is authenticated when using this mechanism.
6.1.1 Mechanism 1-single pass authentication
In this authentication mechanism, the claimant A initiates this process and is authenticated by the verifier B. Uniqueness and timeliness are produced and tested
Time stamp or serial number (see Appendix B of ISO /IEC 9798-1.1997) to control.
The authentication mechanism is shown in Figure 1.
6.2 Mutual authentication
Mutual authentication means that two communicating entities use this mechanism to authenticate each other.
6.2.1 and 6.2.2 adopt the two mechanisms described in 6.1.1 and 6.1.2 respectively to achieve mutual authentication. Both situations require
Add one transmission, thus adding two operation steps.
Note. The third mechanism of mutual authentication can be composed of two instances of the mechanism specified in 6.1.2, one initiated by entity A and the other initiated by entity B.
6.2.1 Mechanism 3-Two-pass authentication
In this authentication mechanism, the uniqueness and timeliness are generated and verified by the time stamp or serial number (see ISO /IEC 9798-1.1997 Appendix B)
To control it.
The authentication mechanism is shown in Figure 3.
6.2.2 Mechanism 4-three pass authentication
In this authentication mechanism, the uniqueness and timeliness are achieved by generating and verifying random numbers (see Appendix B in ISO /IEC 9798-1.1997)
controlling.
The authentication mechanism is shown in Figure 4.
7 Mechanisms involving trusted third parties
The authentication mechanism described in this chapter does not use the secret key shared by the two entities before the authentication process, but uses a trusted third party.
Party (denoted by P), entities A and B share secret keys KAP and KBP with it, respectively. In each mechanism, an entity
The three parties apply for the key KAB, and then use the mechanisms described in 6.2.1 and 6.2.2 respectively.
According to the following description, if only one-way authentication is required, some transmissions in each mechanism can be omitted.
All text fields specified in the following mechanisms are also applicable to applications outside the scope of this standard (text fields may be empty). Their relationship
Department and content depend on the specific application. See Appendix B for information on the use of text fields.
7.1 Mechanism 5-Four pass authentication
This mechanism is equivalent to the key establishment mechanism 8 in ISO /IEC 11770-2.2008.
7.2 Mechanism 6-Five pass authentication
In this mutual authentication mechanism, uniqueness and timeliness are controlled by random numbers (see Appendix B of ISO /IEC 9798-1.1997)
of. This mechanism is equivalent to the key establishment mechanism 9 in ISO /IEC 11770-2.2008.
The authentication mechanism is shown in Figure 6.
Appendix A
(Normative appendix)
OID and ASN.1 syntax
A.1 Formal definition
A.2 Subsequent use of object identifiers
All entity authentication mechanisms in this section use symmetric encryption technology. Therefore, after the object identifier of the entity authentication mechanism,
It can be followed by an object identifier to specify the encryption technology used, such as the pairing of various mechanisms defined in ISO /IEC 19772
Like identifier.
A.3 Coding examples that comply with ASN.1 basic coding rules (BER)
According to ISO /ISC8825-1, an object identifier consists of one or more byte sequences, and each byte sequence encodes one
digital.
---If the byte sequence contains more than one byte, the 8th bit of the first byte is set to 1, and the 8th bit of the last byte is set
Is 0;
---The byte sequence uses the lower 7 bits of all bytes to encode a number, and each number should be encoded with the least number of bytes.
It means that the byte '80' is not a valid first byte in the byte sequence;
---The first number indicates the standard number; if there is a second number, it indicates the part of the multi-part standard.
Each mechanism defined in this document is represented by an object identifier.
---To identify an ISO standard, the first byte is set to hexadecimal '28', that is, decimal 40;
---The next two bytes are set to'CC46', this is because the hexadecimal value of 9798 is '2646', which is binary 0010
011001000110, that is, two 7-bit groups. 10011001000110.Set the corresponding value in the 8th bit of each byte
Later, the byte sequence becomes 1100110001000110, which is'CC46'.
● The next byte is set to hexadecimal '02', which means the second part;
● The next byte identifies an authentication mechanism;
● The '01' logo does not involve a single pass one-way authentication mechanism of a trusted third party;
● The '02' logo does not involve a two-pass one-way authentication mechanism of a trusted third party;
● The '03' logo does not involve a mutual authentication mechanism for two passes of a trusted third party;
● The '04' logo does not involve the three-pass mutual authentication mechanism of a trusted third party;
● The '05' logo involves the four-pass mutual authentication mechanism of a trusted third party;
● The '06' logo involves the five-pass mutual authentication mechanism of a trusted third party.
For example, the hexadecimal data element '28CC460205' is read as {isostandard979825}, which means the fifth of ISO /IEC 9798-2
This mechanism is the four-pass mutual authentication mechanism involving a trusted third party. This data element can be the following BER-TLV data object
(See ASN.1 basic coding rules, ISO /IEC 8825-1, global class label '06') is transmitted, where dashes and braces are not
Important, they are only used for clarity.
......
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
|