GB/T 15843.6-2018 PDF EnglishUS$490.00 · In stock · Download in 9 seconds
GB/T 15843.6-2018: Information technology -- Security techniques -- Entity authentication -- Part 6: Mechanisms using manual data transfer Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure Status: Valid
Similar standardsGB/T 15843.6-2018: Information technology -- Security techniques -- Entity authentication -- Part 6: Mechanisms using manual data transfer---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT15843.6-2018 GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 GB/T 15843.6-2018 / ISO/IEC 9798-6.2010 Information Technology – Security Techniques – Entity Authentication – Part 6.Mechanisms Using Manual Data Transfer (ISO/IEC 9798-6.2010, IDT) Issued on. SEPTEMBER 17, 2018 Implemented on. APRIL 01, 2019 Issued by. State Administration for Market Regulation; Standardization Administration of PRC. Table of ContentsForeword... 4 Introduction... 5 1 Scope... 6 2 Normative References... 6 3 Terms and Definitions... 6 4 Symbols and Abbreviated Terms... 9 5 Overall Requirements... 10 6 Mechanisms Using a Short Check-Value... 11 6.1 General... 11 6.2 Mechanism 1 -- One device with simple input interface, one device with simple output interface... 12 6.3 Mechanism 2 -- Two devices with simple input interfaces... 14 7 Mechanisms Using a Short Digest-Value or a Short Key... 15 7.1 General... 16 7.2 Mechanism 3 -- One device with simple input interface, one device with simple output interface... 16 7.3 Mechanism 4 -- One device with simple input interface, one device with simple output interface... 18 7.4 Mechanism 5 -- Two devices with simple input interfaces... 20 7.5 Mechanism 6 -- Two devices with simple input interfaces... 22 8 Mechanisms Using a MAC... 24 8.1 General... 24 8.2 Mechanism 7 -- Two devices with simple output interfaces... 25 8.3 Mechanism 8 -- One device with simple input interface, one device with simple output interface... 29 Annex A (Normative) ASN.1 Definition... 32 Annex B (Informative) Using Manual Authentication Protocols for the Exchange of Secrete Keys... 33 Annex C (Informative) Using Manual Authentication Protocols for the Exchange of Public Keys... 36 Annex D (Informative) On Mechanism Security and Choices for Parameter Lengths... 38 Annex E (Informative) A Method for Generating Short Check-Values... 41 Annex F (Informative) Comparative Analysis in Security and Efficiency of Mechanisms 1~8... 44 Annex G (Informative) Methods for Generating Short Digest-Values... 48 Bibliography... 49ForewordGB/T 15843 consists of the following parts, under the general title Information Technology – Security Techniques – Entity Authentication. --- Part 1.General; --- Part 2.Mechanisms Using Symmetric Encipherment Algorithms; --- Part 3.Mechanisms Using Digital Signature Techniques; --- Part 4.Mechanisms Using a Cryptographic Check Function; --- Part 5.Mechanisms Using Zero-Knowledge Techniques; --- Part 6.Mechanisms Using Manual Data Transfer. This Part is Part 6 of GB/T 15843. This Part was drafted as per the rules specified in GB/T 1.1-2009. This Part uses translation method to equivalently adopt ISO/IEC 9798-6.2010 Information Technology – Security Techniques – Entity Authentication – Part 6. Mechanisms Using Manual Data Transfer. Please note that some contents of this document may involve patents. The issuing agency of this document does not assume the responsibility to identity these patents. This Part was proposed by and under the jurisdiction of National Technical Committee for Standardization of Information Security (SAC/TC 260). Drafting organizations of this Part. Data Assurance and Communication Security Research Center, Chinese Academy of Sciences; Beijing Certificate Authority Co., Ltd.; and Feitian Technologies Co., Ltd. Chief drafting staffs of this Part. Xia Luning, Zhang Guozhu, Zhang Qionglu, Lin Xueyan, and Zhu Pengfei.1 ScopeThis Part of GB/T 15843 specifies eight entity authentication mechanisms based on manual data transfer between authenticating devices. This Part indicates how these mechanisms can be used to support key management functions, and provides guidance on secure choices of parameters for the mechanisms. For these 8 mechanisms, this Part gives their ASN.1 definitions, and analyzes and compares their security levels and efficiency.2 Normative ReferencesThe following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this document. GB/T 15843.1-2017 Information Technology - Security Techniques - Entity Authentication - Part 1.General (ISO/IEC 9798-1.2010, IDT)3 Terms and DefinitionsFor the purposes of this document, the terms and definitions given in GB/T 15843.1- 2017 and the following apply. Function f which maps a string of bits and a short secret key, i.e. a key that can readily be entered into or read from a user device, to a fixed-length string of bits, i.e. a b-bit check-value, satisfying the following properties.4 Symbols and Abbreviated TermsA, B - Labels used for the two devices engaging in a manual entity authentication mechanism.5 Overall RequirementsThis Clause specifies the general requirements that the authentication mechanisms 1~8 should meet. In addition to these general requirements, each authentication mechanism shall also meet the specific requirements specified in Clauses 6, 7, and 8.6 Mechanisms Using a Short Check-ValueIn the manual authentication mechanism 1, no authentication information is transmitted through non-secure channels. Therefore, if the random key K and check value are transferred from the device A to the device B before the device B obtains the data string D, it shall not affect the security of mechanism 1.7 Mechanisms Using a Short Digest-Value or a ShortUser compares the random key K and check-value outputted from the two devices; and input the Accept or Reject signal to the two devices through their simple input interfaces 8 Mechanisms Using a Message Authentication Code (MAC) This mechanism has two variants (7a and 7b). Mechanism 7a, specified in clause 8.2.3, requires fewer interactions between the two devices, whereas mechanism 7b, specified in clause 8.2.4, requires less manual user interaction.Annex A(Normative) ASN.1 DefinitionAnnex B(Informative) Using Manual Authentication Protocols for the Exchange of Secrete Keys This annex describes the method of using the manual authentication mechanism in this Part to perform key exchange so that two communicating entities share a secret key.Annex C(Informative) Using Manual Authentication Protocols for the Exchange of Public Keys In this annex methods are described that enable devices to reliably exchange a public key using one of the manual authentication mechanisms specified in the body of this Part. The context of the description is between a Certification Authority (CA) and a client of the CA. The CA needs to reliably transfer its public key to the client, and the client needs to reliably transfer its public key to the CA. ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al. Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of English version of GB/T 15843.6-2018 be delivered?Answer: The full copy PDF of English version of GB/T 15843.6-2018 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.Question 2: Can I share the purchased PDF of GB/T 15843.6-2018_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 15843.6-2018_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GB/T 15843.6-2018 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.How to buy and download a true PDF of English version of GB/T 15843.6-2018?A step-by-step guide to download PDF of GB/T 15843.6-2018_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).Step 2: Search keyword "GB/T 15843.6-2018". Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click "Checkout". Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9 |
