Powered by Google www.ChineseStandard.net Database: 189760 (20 Apr 2024)

GB/T 34953.4-2020 (GB/T34953.4-2020)

Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GB/T 34953.4-2020English325 Add to Cart 0-9 seconds. Auto-delivery. Information technology -- Security techniques -- Anonymous entity authentication -- Part 4: Mechanisms based on weak secrets Valid


Standards related to: GB/T 34953.4-2020

GB/T 34953.4-2020: PDF in English (GBT 34953.4-2020)

GB/T 34953.4-2020
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Information technology - Security techniques -
Anonymous entity authentication - Part 4:
Mechanisms based on weak secrets
(ISO/IEC 20009-4:2017, MOD)
ISSUED ON: APRIL 28, 2020
IMPLEMENTED ON: NOVEMBER 01, 2020
Issued by: State Administration for Market Regulation;
Standardization Administration of the PRC.
Table of Contents
Foreword ... 3
Introduction ... 5
1 Scope ... 6
2 Normative references ... 6
3 Terms and definitions ... 6
4 Symbols, abbreviated terms and conversion functions ... 11
4.1 Symbols and abbreviated terms ... 11
4.2 Conversion functions ... 14
5 General model for password-based anonymous entity authentication ... 14
5.1 Participants ... 14
5.2 Types of PAEA mechanisms ... 15
5.3 Components of a password-only PAEA ... 15
5.4 Components of a storage-extra PAEA ... 16
5.5 Operation of a PAEA ... 17
6 Password-only PAEA mechanisms ... 18
6.1 General ... 18
6.2 YZ mechanism ... 18
7 Storage-extra PAEA mechanism ... 21
7.1 General ... 21
7.2 YZW mechanism ... 21
Annex A (Normative) Object identifiers ... 30
Bibliography ... 31
Foreword
GB/T 34953 "Information technology - Security techniques - Anonymous entity
authentication" is divided into 4 parts:
- Part 1: General;
- Part 2: Mechanisms based on signatures using a group public key;
- Part 3: Mechanisms based on blind signatures;
- Part 4: Mechanisms based on weak secrets.
This Part is Part 4 of GB/T 34953.
This Part is drafted in accordance with the rules given in GB/T 1.1-2009.
This Part uses the redraft law to modify and adopt ISO/IEC 20009-4:2017
"Information technology - Security techniques - Anonymous entity
authentication - Part 4: Mechanisms based on weak secrets".
Compared with ISO/IEC 20009-4:2017, this Part has structural adjustments.
Adjust 6.3 to 6.2. The other clause numbers are revised in turn.
The technical differences between this Part and ISO/IEC 20009-4:2017 and the
reasons are as follows:
- As for the normative references, this Part has made adjustments with
technical differences, to adapt to the technical conditions of China. The
adjustments are reflected in Clause 2 “Normative references”. The specific
adjustments are as follows:
 Replace ISO/IEC 9797-2 with GB/T 15852.2 which modifies and adopts
the international standard; stipulate that the hash algorithm used shall
follow relevant national standards and industry standards;
 Replace ISO/IEC 29000-1 with GB/T 34953.1 which is identical to the
international standard;
 Replace ISO/IEC 19772:2009 with GB/T 36624-2018 which modifies
and adopts the international standard;
 Delete ISO/IEC 10118-3; ISO/IEC 10118-3 specifies the hash algorithm
used in mechanisms of this Part. Stipulate that the hash algorithm used
shall follow relevant national standards and industry standards;
Information technology - Security techniques -
Anonymous entity authentication - Part 4:
Mechanisms based on weak secrets
1 Scope
This Part of GB/T 34953 specifies anonymous entity authentication
mechanisms based on weak secrets. The precise operation of each mechanism
is specified, together with details of all inputs and outputs.
This Part is applicable to situations in which the server only verifies that the user
belongs to a certain user group without obtaining any information that can be
used to identify the user later on.
2 Normative references
The following documents are indispensable for the application of this document.
For the dated references, only the editions with the dates indicated are
applicable to this document. For the undated references, the latest edition
(including all the amendments) are applicable to this document.
GB/T 15852.2 Information technology - Security techniques - Message
Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-
function (GB/T 15852.2-2012, ISO/IEC 9797-2:2002, MOD)
GB/T 34953.1 Information technology - Security techniques - Anonymous
entity authentication - Part 1: General (GB/T 34953.1-2017, ISO 20009-
1:2013, IDT)
GB/T 36624-2018 Information technology - Security techniques -
Authenticated encryption (ISO/IEC 19772:2009, MOD)
ISO/IEC 11770-4:2006 Information technology - Security techniques - Key
management - Part 4: Mechanisms based on weak secrets
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GB/T
34953.1 and the following apply.
......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.