HOME   Cart(0)   Quotation   About-Us Tax PDFs Standard-List Powered by Google www.ChineseStandard.net Database: 189760 (30 Nov 2024)

GM/T 0071-2019 PDF in English


GM/T 0071-2019 (GM/T0071-2019, GMT 0071-2019, GMT0071-2019)
Standard IDContents [version]USDSTEP2[PDF] delivered inName of Chinese StandardStatus
GM/T 0071-2019English230 Add to Cart 0-9 seconds. Auto-delivery. Guidance of cryptographic application for electronic records Valid
Standards related to (historical): GM/T 0071-2019
PDF Preview

GM/T 0071-2019: PDF in English (GMT 0071-2019)

GM/T 0071-2019 GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Guidance of cryptographic application for electronic records ISSUED ON: JULY 12, 2019 IMPLEMENTED ON: JULY 12, 2019 Issued by: State Cryptography Administration Table of Contents Foreword ... 3  1 Scope ... 4  2 Normative references ... 4  3 Terms and definitions ... 5  4 Abbreviations ... 6  5 Overview ... 6  6 Cryptographic operation method for electronic records ... 10  7 Cryptographic application method for application system ... 16  8 Reference of cryptographic application for electronic records ... 21  Appendix A (Informative) Example of cryptographic application for administrative electronic records creation and transaction system ... 22  Guidance of cryptographic application for electronic records 1 Scope This Standard proposes the technical framework and security goals of the cryptographic application for electronic records, and describes the method of performing cryptographic operations for electronic records and the method of using cryptographic technique in the application system of electronic records. This Standard applies to the development and use of application system of electronic records. 2 Normative references The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest edition (including all amendments) applies to this document. GB/T 20518, Information security technology - Public key infrastructure - Digital certificate format GB/T 25069-2010, Information security technology glossary GB/T 31913-2015, General functional requirements for administrative electronic records creation and transaction system GB/T 32905, Information security techniques - SM3 cryptographic hash algorithm GB/T 32907, Information security technology - SM4 block cipher algorithm GB/T 32918, Information security technology - Public key cryptographic algorithm SM2 based on elliptic curves GB/T 35275, Information security technology - SM2 cryptographic algorithm encrypted signature message syntax specification GM/T 0019, Universal cryptography service interface specification GM/T 0031, Secure electronic seal cryptography technical specification GM/T 0033, Interface specifications of time stamp In order to achieve the security goal of electronic record management, cryptographic technology shall be used to ensure the security of the entire life cycle of electronic records. That is, ensure that the formation process of electronic records is true and reliable; ensure that electronic records are not tampered during transmission (exchange), reception and storage; ensure that electronic records are not leaked to unauthorized visitors; ensure that operators of electronic records cannot deny their operating behaviors and processing results. The security of electronic records is guaranteed by the security of record content and the security of record attributes. 5.3 Application system Follow GB/T 31913-2015; in the whole life cycle of electronic records, three types of systems are generally experienced, namely business system, electronic records management system, and electronic records long-term preservation system. The business system is also called the electronic records creation and transaction system, which mainly provides business functions that are involved in the process from creation to transaction for electronic records, and provides the data interface that is connected to other systems. The electronic records management system is responsible for capturing electronic records from the business system, maintaining various associations between records, record and business, supporting inquiry and utilization, and disposing them in an orderly, systematic, and auditable manner. The electronic records long-term preservation system maintains and provides use of electronic records in a correct and long-term effective way. 5.4 Data user The user is the operator of the application system, including the business operator of the electronic records and the system manager of the application system. Business operators refer to the personnel who performs specific operations such as creation, modification, authorization, reading, signing, stamping, printing, circulation, archiving and destruction of electronic records in the business system, electronic records management system and electronic records long-term preservation system. System managers refer to the personnel who manages and maintains the application system, including system manager, audit manager and confidentiality manager. 5.5 Electronic records The cryptographic operation of electronic records requires the use of symmetric, asymmetric, and hash algorithms. According to the scenario, use GB/T 32918, GB/T 32905, GB/T 32907, or a cryptographic algorithm that is recognized by the national cryptographic management authority. The symmetric algorithm is used to encrypt and decrypt record content and record attributes. The asymmetric algorithm is used to encrypt and decrypt symmetric keys, and perform digital signatures and signature verification. The hash algorithm is used for integrity calculation and verification. The symmetric algorithm can adopt multiple modes such as CBC, OFB, CFB, CTR. When using OFB and CFB modes, the application system shall set the number of feedback bits. The call to the cryptographic algorithm is completed through the identifier of the cryptographic algorithm. 5.6.2 Universal cryptography service Universal cryptography services include digital certificate service, encryption/decryption services, signature/verification services, hash computing service. Universal cryptography services are provided by cryptographic infrastructure such as certificate authentication systems, cryptographic devices/components, and are implemented by calling related service interfaces. Certificate authentication systems and cryptographic devices/components that provide cryptographic services shall comply with relevant national standards and industry standards, and be certified and approved by the national cryptographic management authority. The cryptographic service interface shall follow GM/T 0019. The digital certificate format shall follow GB/T 20518. The signature syntax shall follow GB/T 35275. 5.6.3 Typical cryptography service Typical cryptography service includes authentication service, digital stamp service, time stamp service: -- The authentication service is used to realize user authentication that is based on digital certificates; -- The digital stamp service is used to stamp, verify and read the stamp of electronic records. The digital stamp service interface shall follow GM/T 0031; -- The time stamp service is used to provide time information for digital signatures and digital stamps. The time stamp service interface shall follow GM/T 0033. 5.6.4 Key When the record attributes are maintained by the application system, the application system shall directly perform encryption and decryption of the specified record content. The symmetric key for encryption shall be randomly generated; one cypher for one record shall be ensured; and the application system cannot obtain a clear symmetric key. The record content encryption method is as follows: a) Obtain the symmetric algorithm and asymmetric algorithm identifiers; b) Call the universal cryptography service to generate a symmetric key; c) Call the symmetric encryption service and use the symmetric key to encrypt the record content; d) Call the asymmetric encryption service and use the public key for encryption of the electronic record receiver or the application system to encrypt the symmetric key; e) Package the encrypted symmetric key and the record content that is encrypted by the symmetric key in a digital envelope format, to form the encrypted record content; if there are multiple receivers of the electronic records, respectively use public key for encryption of each receiver to encrypt the symmetric key, and package the encrypted symmetric key of all receivers and the record content that is encrypted by the symmetric key in the header of the digital envelope; f) Store the algorithm identifier, algorithm mode, and number of feedback bits in the security attribute. The record content decryption method is as follows: a) Obtain the symmetric algorithm and asymmetric algorithm identifiers of encrypted electronic records from the security attribute; b) Call the asymmetric decryption service according to the asymmetric algorithm identifier; use the private key for decryption to decrypt the encrypted symmetric key, to obtain the symmetric key; c) Call the symmetric decryption service according to the symmetric algorithm identifier; use the symmetric key to decrypt the record content. 6.2.2 Confidentiality of record attribute According to the needs, use digital envelope to encrypt the metadata attribute, seal attribute, watermark attribute, permission attribute and other attribute c) Call the signature verification service according to the signature algorithm identifier; use the public key for signature and digest value to verify the signature value of the record content. 6.3.2 Integrity of record attribute When the record attributes are organized by labels, follow GM/T 0055-2018; use the method of signing labels to ensure the integrity of the record attributes. When the record attributes are maintained by the application system, perform signature of the record attributes to ensure the integrity of the record attributes (excluding log attributes). The application system can ensure the integrity of the log attributes of a single record by protecting the integrity of the application system log. When record attributes (excluding log attributes) are formed or updated, the signature process is as follows: a) Obtain the signature algorithm and hash algorithm identifier; b) Call the hash algorithm service to calculate the digest for other attributes except security attributes; c) Call the hash algorithm service to calculate the digest for the content in the security attribute except the self-signed information; d) Assemble all calculated digests according to established rules; e) Call the hash algorithm service to recalculate the digest of the assembled data; f) Call the signature algorithm service and use the private key for signature of the business operator or the application system to digitally sign the digest value; g) Fill the signature value, algorithm identifier and signature certificate in order into the self-signed information of the security attribute. The integrity of the record attributes (excluding log attributes) can be verified by verifying the signature. The signature verification method is as follows: a) Obtain the hash algorithm identifier, signature algorithm identifier, signature certificate information and signature value of the record attribute signature from the security attribute; b) According to the hash algorithm identifier, call the hash algorithm service to calculate the digest for other attributes except security attributes; The authenticity of the record attributes is guaranteed by the digital signature of the record attributes. The signature and verification operations are the same as 6.3.2. 6.5 Non-repudiation The non-repudiation of the operation behavior and operation result of the electronic records by the business operator can be guaranteed by the digital signature in the signature attribute, seal attribute and watermark attribute, as well as by the business operator log. The digital signature and verification process in the signature attribute, seal attribute and watermark attribute are the same as 6.4.1. When a business operator operates on a record, a business operator log must be formed and digitally signed. The process is as follows: a) Obtain the signature algorithm and hash algorithm identifier; b) Call the hash algorithm service to calculate the digest of the log record that is formed by this operation. The content of the operation includes the record identifier number, the operator, the operation time, the operation location, the operation content, and the operation result; c) Call the signature algorithm service to use the private key for signature of the business operator to digitally sign the digest value; d) Fill the algorithm identifier and the signature value into this log record; e) Submit the log record to the application system server for storage. Process the log signature verification as follows: a) Obtain the hash algorithm identifier, signature algorithm identifier and signature value of the log signature from the log; b) Call the hash algorithm service to calculate the digest of the log record according to the hash algorithm identifier. The content of the operation includes the record identifier number, the operator, the operation time, the operation location, the operation content, and the operation result; c) Obtain the business operator's signature certificate according to the business operator's information; d) Call the signature verification service according to the signature algorithm identifier; Use the business operator's public key for signature and digest value to verify the log signature value. 7.4 Storage security When electronic records are stored in the application system, their confidentiality, integrity and authenticity are guaranteed as required. For confidentiality protection, use the public key for encryption of the business operator or the application system to package the digital envelope to protect the electronic records; for integrity and authenticity protection, use the private key for signature of the business operator or the application system to digitally sign the electronic records. The specific cryptographic operation is the same as 6.2, 6.3 and 6.4. 7.5 Exchange security 7.5.1 Exchange classification According to the different identities of the two parties of electronic record exchange, it can be divided into internal exchange of business system, exchange between business systems, exchange between business system and electronic record management system, AND exchange between electronic records management system and electronic records long-term preservation system. Cryptographic technique shall be used to ensure the exchange security, and to ensure the authenticity and integrity of electronic records during the exchange process; for important electronic records, the confidentiality shall also be guaranteed. 7.5.2 Internal exchange of business system The internal exchange of the business system refers to the exchange of electronic records between business operators in the business system. When sending, the record sender uses his or the system's private key for signature and the record receiver's public key for encryption to sign and encrypt the electronic records; when receiving, the record receiver uses the corresponding private key for encryption and public key for signature to decrypt and verify the electronic records, and store the parsed electronic record in the local system. The specific cryptographic operation is the same as 6.2, 6.3 and 6.4. 7.5.3 Exchange between business systems When electronic records are exchanged between business systems, record content and identifier attributes, metadata attributes, security attributes, signature attributes, seal attributes, digital watermark attributes can be retained, and log attributes and permission attributes can be retained as needed. When sending, the record sending system uses its own system’s private key for signature and the record receiving system’s public key for encryption to sign and encrypt the electronic records; when receiving, the record receiving system uses the corresponding private key for encryption and public key for signature i) Send the business system signature certificate, signature value, and encrypted record package to the electronic records management system together. The operation for the electronic records management system to receive the electronic record cypher is as follows: a) Use the public key for signature of the business system to verify the signature value of the record package; b) Use the private key for decryption of the electronic records management system to decrypt the record package; c) Unpack the record package to obtain electronic records; d) Store the parsed electronic records in the local system. The specific cryptographic operation is the same as 6.2, 6.3 and 6.4. 7.5.5 Exchange between electronic records management system and electronic records long-term preservation system When electronic records are exchanged between the electronic records management system and the electronic records long-term preservation system, retain the electronic records content and the identifier attributes, metadata attributes; remove the security attributes, permission attributes and log attributes; retain the signature attributes, seal attributes, and digital watermark attributes as required. During exchange, remove all security protection mechanisms; follow the principle of one-time exchange of multiple records as a whole. Under the premise of ensuring the correlation between the record content and the record attribute, assemble multiple records according to predetermined rules to form a record package; protect the confidentiality, integrity, authenticity of the entire record package; only protect the authenticity and integrity of a single electronic record. The operation for the electronic records management system to send the electronic record cypher is as follows: a) Remove all security protection mechanisms for the to-be-exchanged records; package them into a record package; b) Call the universal cryptography service to generate a symmetric key; c) Call the symmetric encryption service and use the symmetric key to encrypt the packaged record package; A.1.2 Electronic records creation Drafting link: the drafter fills in the basic information of the record and writes the content of the record. Audit link: the auditor reviews the record content, and records the auditor, audit date, and audit opinions. Issue link: the issuer conducts a pre-issue review of the record content, and records the issuer, issue date, and issue opinions. A.1.3 Electronic records sending transaction Review link: the reviewer reviews the electronic records and metadata, and records the reviewer, review date, and review opinions. Registration link: record the metadata information of the electronic record. Printing link: make the electronic records into a format record, and affix a digital stamp. Verification and issuance link: record the sending and receiving information of electronic records; package the entity information and metadata information of the electronic records; deliver them to the receiver through electronic records exchange. Sending completion link: complete the sending process. A.1.4 Electronic records exchange Transmit the electronic records from the sender to the receiver. A.1.5 Electronic records receiving transaction Signing link: the signer signs for the electronic record, and records the signer and date. Registration link: record the metadata information of the record receiving. Preliminary review: the preliminary reviewer conducts a preliminary review of the received electronic records, and records the preliminary reviewer, preliminary review date, and the preliminary review comments. Circulation link: circulate the electronic record within the scope of the reader, and record the reader, the reading date and the reading opinions. Receiving completion link: complete the receiving transaction process. A.2 Cryptographic application requirements signature to digitally sign the record content, audit opinions, audit time, etc., and finally sends the above information to the transaction system. After the transaction system receives the electronic record, it verifies the digital signature of the auditor and uses the private key for decryption of the transaction system to protect the confidentiality of the electronic record. A.3.3 Issue The transaction system removes the confidentiality protection of the electronic record and sends it to the issuer. The issuer first verifies the digital signature of the drafter and the auditor on the electronic record, then fills in the issue opinions, and uses the issuer's private key for signature to digitally sign the record content, issue opinions, issue time, etc., and finally sends the above information to the transaction system. After the transaction system receives the electronic record, it verifies the digital signature of the issuer and uses the private key for decryption of the transaction system to protect the confidentiality of the electronic record. A.3.4 Review The transaction system removes the confidentiality protection of the electronic record and sends it to the reviewer. The reviewer first verifies the digital signature of the drafter, auditor and issuer on the electronic record, then fills in the review opinions, and uses the re reviewer's private key for signature to digitally sign the record content, review opinions, review time, etc., and finally sends the above information to the transaction system. After the transaction system receives the electronic record, it verifies the digital signature of the reviewer and uses the private key for decryption of the transaction system to protect the confidentiality of the electronic record. A.3.5 Registration The transaction system removes the confidentiality protection of the electronic record and sends it to the registrant. The registrant first verifies the digital signatures of the drafter, auditor, reviewer, and issuer on the electronic record; then modifies the electronic record’s reference number, destination unit, number of copies and other metadata information, and uses the registrant's private key pair for signature to digitally sign the record content and metadata attributes; finally, sends the above information to the transaction system together. ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.