GB/T 15852.1-2020 English PDFUS$779.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 15852.1-2020: Information technology. Security techniques-Message authentication codes - Part 1: Mechanisms using a block cipher Status: Valid GB/T 15852.1: Historical versions
Basic dataStandard ID: GB/T 15852.1-2020 (GB/T15852.1-2020)Description (Translated English): Information technology. Security techniques-Message authentication codes - Part 1: Mechanisms using a block cipher Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 42,458 Date of Issue: 2020-12-14 Date of Implementation: 2021-07-01 Older Standard (superseded by this standard): GB/T 15852.1-2008 Quoted Standard: GB/T 17964-2008 Adopted Standard: ISO/IEC 9797-1-2011, MOD Regulation (derived from): National Standard Announcement No. 28 of 2020 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration Summary: This standard specifies user requirements and general algorithm models for message authentication codes (MAC) that use block ciphers, and specifies 8 message authentication code algorithms that use block ciphers. This standard applies to the security services of the security architecture, process and application. GB/T 15852.1-2020: Information technology. Security techniques-Message authentication codes - Part 1: Mechanisms using a block cipher---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. (Information Technology Security Technology Message Authentication Code Part 1: Using Block Cipher Mechanism) ICS 35:040 L80 National Standards of People's Republic of China Replace GB/T 15852:1-2008 Information technology security technology message authentication code Part 1: The mechanism of using block ciphers [ISO /IEC 9797-1:2011,Informationtechnology-Securitytechniques- Released on 2020-12-14 Implemented on 2021-07-01 State Administration for Market Regulation Issued by the National Standardization Management Committee Table of contentsPreface Ⅲ Introduction Ⅵ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Symbols and abbreviations 2 4:1 Symbol 2 4:2 Abbreviations 4 5 User requirements 4 6 MAC algorithm model 5 6:1 General model 5 6:2 Key Induction (Step 1) 5 6:2:1 Overview 5 6:2:2 Key induction method 1 6 6:2:3 Key induction method 2 6 6:3 Message filling (step 2) 6 6:3:1 Overview 6 6:3:2 Filling method 1 6 6:3:3 Filling method 2 6 6:3:4 Filling method 3 6 6:3:5 Filling method 4 7 6:4 Data Segmentation (Step 3) 7 6:5 Initial transformation (step 4) 7 6:5:1 Overview 7 6:5:2 Initial transformation 1 7 6:5:3 Initial transformation 2 7 6:5:4 Initial transformation 3 7 6:6 Iterative application of block cipher (step 5) 7 6:7 Final iteration (step 6) 8 6:7:1 Overview 8 6:7:2 Final iteration 1 8 6:7:3 Final iteration 2 8 6:7:4 Final iteration 3 8 6:7:5 Final iteration 4 8 6:8 Output transformation (step 7) 8 6:8:1 Overview 8 6:8:2 Output transformation 1 8 6:8:3 Output transformation 2 9 6:8:4 Output transformation 3 9 6:9 Truncation operation (step 8) 9 6:9:1 Overview 9 6:9:2 Truncation operation 1 9 6:9:3 Truncation operation 2 9 7 MAC algorithm 9 7:1 Overview 9 7:2 MAC algorithm 1 (CBC-MAC) 9 7:3 MAC Algorithm 2 (EMAC) 10 7:4 MAC algorithm 3 (ANSIretailMAC) 11 7:5 MAC Algorithm 4 (MacDES) 11 7:6 MAC Algorithm 5 (CMAC) 12 7:7 MAC Algorithm 6 (LMAC) 12 7:8 MAC Algorithm 7 (TrCBC) 13 7:9 MAC Algorithm 8 (CBCR) 14 Appendix A (informative appendix) Structure changes of this part compared with ISO /IEC 9797-1:2011 15 Appendix B (informative appendix) Test vector 17 B:1 Overview 17 B:2 MAC Algorithm 1 (CBC-MAC) 18 B:3 MAC Algorithm 2 (EMAC) 19 B:4 MAC algorithm 3 (ANSIretailMAC) 20 B:5 MAC Algorithm 4 (MacDES) 22 B:6 MAC Algorithm 5 (CMAC) 24 B:7 MAC Algorithm 6 (LMAC) 25 B:8 MAC Algorithm 7 (TrCBC) 26 B:9 MAC Algorithm 8 (CBCR) 27 Appendix C (Informative Appendix) Security Analysis of MAC Algorithm 28 References 34ForewordGB/T 15852 "Information Technology Security Technical Message Identification Code" is divided into the following three parts: ---Part 1: The mechanism of using block ciphers; ---Part 2: The mechanism of using a dedicated hash function; ---Part 3: Using the mechanism of universal hash function: This part is Part 1 of GB/T 15852: This section was drafted in accordance with the rules given in GB/T 1:1-2009: This part replaces GB/T 15852:1-2008 "Information Technology Security Technical Message Authentication Code Part 1: Using Block Ciphers Mechanisms": Compared with GB/T 15852:1-2008, the main technical changes are as follows: ---Deleted the description of the purpose of the message authentication code algorithm (see Chapter 1 of the:2008 edition); ---Added the common name reference of the MAC algorithm (see Chapter 5 and Chapter 7); ---Deleted the normative reference documents GB/T 9387:2-1995 and GB/T 15843:1-2008 (see the second edition of the:2008 edition) chapter); ---The term "initial transformation" (see 3:13) has been added, and the definition of the term "output transformation" has been modified to adapt to the modified MAC algorithm The general model (see 3:14, 3:2:7 of the:2008 edition); --- Added 16 symbols and modified 3 symbols (see 4:1, Chapter 4 of the:2008 edition); added "abbreviations" (see 4:2); --- Modify the title of Chapter 5, change "requirements" to "user requirements"; modify the requirements for users to select key induction methods (see Chapter Chapter 5, Chapter 5 of the:2008 edition); ---Added the requirement of data string length when using MAC algorithm 4 and the requirement of MAC length when using MAC algorithm 7 (see section Chapter 5); ---Modified the general model of the MAC algorithm and the "MAC algorithm model" diagram, and added key induction and final iterative operations to suit Used for all MAC algorithms specified in this section (see Chapter 6:1, Chapter 6 of the:2008 edition); ---Added the overview and method of the key induction operation, and the overview and method of the final iterative operation (see 6:2, 6:7); added the filling method Method 4, initial transformation 3 (see 6:3:5, 6:5:4); modified iterative application block cipher operation (see 6:6,:2008 edition 6:4); add Added an overview of truncation operation and truncation operation 2 (see 6:9); modified and added the operation method specified in this section of MAC Description of the application in the algorithm (see 6:3:1, 6:5:1, 6:7:1, 6:8:1, 6:9:1, 6:1, 6:3, 6:5 of the:2008 edition); ---Modified the comment of the common name of MAC algorithm 4, deleted the description of the key length when using DEA (see 7:5,:2008 Version 7:4); ---Modified MAC algorithm 5 and replaced it with CMAC (see 7:6, 7:5 in the:2008 edition); modified MAC algorithm 6 and replaced it with LMAC (see 7:7, 7:6 of the:2008 edition); ---Added MAC algorithm 7 (TrCBC) and MAC algorithm 8 (CBCR) (see 7:8, 7:9); --- Modify the title of Appendix A "Examples" to "Test Vector"; modify the block cipher algorithm used, modify DEA to SM4 Block cipher algorithm; modified the plaintext, key, and result (see Appendix B, Appendix A of the:2008 edition); added MAC algorithm 7 And the test vector of MAC algorithm 8 (see B:8, B:9); --- Modify the efficiency of the algorithms numbered 1:2 and 4:2 in Table C:1; increase the security of MAC algorithm 7 and MAC algorithm 8 Description, characteristics of the algorithm, security strength estimation (see Appendix C): This part uses the redrafting law to amend and adopt ISO /IEC 9797-1:2011 "Information Technology Security Technical Message Identification Code No: 1 Part: The Mechanism of Using Block Ciphers: Compared with ISO /IEC 9797-1:2011, this part has many adjustments in structure: Appendix A lists this part and ISO /IEC 9797-1:2011 chapter number comparison list: The technical differences between this part and ISO /IEC 9797-1:2011 and the reasons are as follows: ---Regarding normative reference documents, this section has made adjustments with technical differences to adapt to my country's technical conditions and adjustments: The situation is collectively reflected in Chapter 2 "Normative Reference Documents", and the specific adjustments are as follows: ● Delete the reference to ISO 18033-3; ● Added reference to GB/T 17964-2008; ---Modified the definition of the term "message authentication code", and added the term "initial transformation" and definition (see Chapter 3, ISO /IEC 9797-1: Chapter 3 of:2011); ---Added 4 symbols such as "initial transformation" to adapt to the general model of the modified MAC algorithm and the definition in Chapter 7 There is a MAC algorithm (see 4:1); the definition of assignment symbols has been modified to simplify the description (see 4:1, ISO /IEC 9797-1:2011 Chapter 4); Added "abbreviations" and listed 3 abbreviations used in this section (see 4:2); ---Added the common name reference of the MAC algorithm to facilitate management and communication (see Chapter 5 and Chapter 7); ---Modified the requirements for users to select block cipher algorithms to meet the requirements of my country's password management; modified the user selection key induction Method requirements, to correct errors in international standards; increase the requirements of MAC length when using MAC algorithm 7; modify the The key management information is a comment (see Chapter 5, Chapter 5 of ISO /IEC 9797-1:2011); ---Modified the general model of the MAC algorithm, added the initial transformation operation, and modified the "MAC algorithm model" diagram, the modified The general model can be applied to all MAC algorithms defined in this section, which solves the problem that the general model is not applicable to MAC algorithm 4: Questions (see 6:1, 6:1 of ISO /IEC 9797-1:2011); ---Added the overview and method of the initial transformation, corresponding to the modification of the general model (see 6:5); Modified the iterative application of block cipher operation The starting position of the work is connected to the initial transformation, and notes that are no longer applicable are deleted (see 6:6, ISO /IEC 9797-1:2011, 6:5); Added final iteration 4 for MAC algorithm 8 (see 6:7:5); added an overview of truncation operation and truncation operation 2, used for MAC algorithm 7, and keep the operation description method consistent (see 6:9); ---Modified the description of the MAC algorithm under the general model to adapt to the modified general model (see Chapter 7, ISO /IEC 9797- 1:2011 Chapter 7) ---Deleted the description about the MAC algorithm adopting the block cipher algorithm not stipulated by our country's standard to adapt to our country's password management Requirements (see 7:4, 7:5, ISO /IEC 9797-1:2011, 7:4, 7:5); ---Added MAC algorithm 7 (TrCBC) and MAC algorithm 8 (CBCR) to supplement new algorithms with good performance (see 7:8, 7:9): This section has made the following editorial changes: ---Deleted the description of the key management mechanism and the scope of the object identifier in Chapter 1 of ISO /IEC 9797-1:2011; --- Deleted Appendix A "Object Identifier" of ISO /IEC 9797-1:2011; ---Added the informative reference document GB/T 32907-2016 in Appendix B:1; --- Deleted Appendix B of ISO /IEC 9797-1:2011 about MAC algorithms using block ciphers that are not specified by Chinese standards A description of the law; --- Modify the title of the appendix "example" to "test vector"; modify the block cipher algorithm, plaintext, key, result, use The cryptographic algorithm specified in the Chinese standard generates the test vector of the MAC algorithm (see Appendix B, ISO /IEC 9797-1:2011 attachment Record B); Added test vectors for MAC algorithm 7 and MAC algorithm 8 (see B:8, B:9); ---Modified the algorithm efficiency numbered 1:2 and 4:2 in Table C:1, and corrected the errors in the international standards (see Appendix C, ISO /IEC 9797-1:2011 Appendix C); added the security description, algorithm characteristics, and security of MAC Algorithm 7 and MAC Algorithm 8: Strength estimation (see Appendix C); ---C:2 of ISO /IEC 9797-1:2011 was deleted, due to safety issues in methods and recommendations; --- Deleted Appendix D of ISO /IEC 9797-1:2011 "Comparison with previous MAC algorithm standards": Please note that certain contents of this document may involve patents: The issuing agency of this document is not responsible for identifying these patents: This part is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260): Drafting organizations of this section: Institute of Software, Chinese Academy of Sciences, Chengdu Weishitong Information Industry Co:, Ltd:, Guilin University of Electronic Technology, Commercial Password Testing Center of the State Cryptography Administration: The main drafters of this section: Wu Wenling, Sui Han, Zhang Liting, Zhang Lei, Wei Yongzhuang, Mao Yingying, Zheng Yafei, Tu Binbin, Liu Renzhang, Ding Yong, Wang Yujue, Zhang Zhong: The previous versions of the standards replaced by this part are as follows: ---GB/T 15852-1995; ---GB/T 15852:1-2008:IntroductionThis part defines 8 message authentication code algorithms (MAC algorithms) using n-bit block ciphers: CBC-MAC, EMAC, ANSIretailMAC, MacDES, CMAC, LMAC, TrCBC, CBCR: The first MAC algorithm defined in this section is usually called CBC-MAC: The remaining seven MAC algorithms are variations of CBC-MAC Kind: Among them, MAC algorithm 2, MAC algorithm 3, MAC algorithm 5, MAC algorithm 6, and MAC algorithm 8 are applied at the end of the operation Special transformation: MAC algorithm 4 applies a special transformation at the beginning and the end of the operation: MAC algorithm 7 is intercepting MAC Special rules are used when setting values: When the key length of the MAC algorithm is twice the length of the block cipher key, the MAC algorithm should be used: Method 4: MAC algorithm 5 and MAC algorithm 7 use encryption the least number of times: MAC algorithm 5 only requires one block cipher key setting, But a longer intermediate key is required: MAC algorithm 6 is an optional variant of MAC algorithm 2: MAC algorithm 7 and MAC algorithm 8 No intermediate keys and key settings are required: When the storage space is limited, it is recommended to use MAC algorithm 7 and MAC algorithm 8: All relevant contents of this section involving cryptographic algorithms shall be implemented in accordance with relevant national laws and regulations; all related to the use of cryptographic technology to solve confidentiality and integrity The requirements for security, authenticity and non-repudiation should follow the national and industry standards related to cryptography: Information technology security technology message authentication code Part 1: The mechanism of using block ciphers1 ScopeThis part of GB/T 15852 specifies user requirements and general algorithm models for message authentication codes (MAC) using block ciphers: Provides 8 message authentication code algorithms using block ciphers: This section applies to security services for security architecture, processes and applications:2 Normative referencesThe following documents are indispensable for the application of this document: For dated reference documents, only the dated version applies to this article Pieces: For undated references, the latest version (including all amendments) applies to this document: GB/T 17964-2008 Information Security Technology Block Cipher Algorithm Working Mode3 Terms and definitionsThe following terms and definitions apply to this document: 3:1 Group block A bit string of length n: 3:2 Key The sequence of symbols that controls the password conversion operation: Note: Password transformation operations, such as encryption, decryption, password verification function calculation, signature generation, signature verification: [GB/T 15843:1-2017, definition 3:16] 3:3 Plaintext Unencrypted information: 3:4 Ciphertext Data transformed to hide information content: [GB/T 15843:1-2017, definition 3:7] 3:5 Block cipherkey The key that controls the block cipher operation: 3:6 n-bit block cipher A block cipher with a block length of n bits: ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 15852.1-2020_English be delivered?Answer: Upon your order, we will start to translate GB/T 15852.1-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 15852.1-2020_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 15852.1-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version GB/T 15852.1-2020?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 15852.1-2020 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
