GB/T 15852.2-2024 English PDFUS$439.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 15852.2-2024: Cybersecurity technology - Message authentication codes(MACs) - Part 2: Mechanisms using a dedicated hash-function Status: Valid GB/T 15852.2: Historical versions
Basic dataStandard ID: GB/T 15852.2-2024 (GB/T15852.2-2024)Description (Translated English): Cybersecurity technology - Message authentication codes(MACs) - Part 2: Mechanisms using a dedicated hash-function Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.030 Word Count Estimation: 22,242 Date of Issue: 2024-09-29 Date of Implementation: 2025-04-01 Older Standard (superseded by this standard): GB/T 15852.2-2012 Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration GB/T 15852.2-2024: Cybersecurity technology - Message authentication codes(MACs) - Part 2: Mechanisms using a dedicated hash-function---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. ICS 35.030 CCSL80 National Standard of the People's Republic of China Replaces GB/T 15852.2-2012 Network security technology message authentication code Part 2.Mechanisms using specially designed hash functions Released on 2024-09-29 2025-04-01 Implementation State Administration for Market Regulation The National Standardization Administration issued Table of ContentsPreface III Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Symbols 3 5 User Requirements 4 6 MAC algorithm 1 (MDx-MAC) 4 6.1 General 4 6.2 Description of MAC Algorithm 1 4 6.2.1 General 4 6.2.2 Step 1 (Key Expansion) 5 6.2.3 Step 2 (Modify constants and initial values) 5 6.2.4 Step 3 (Hash Operation) 5 6.2.5 Step 4 (Output Transformation) 5 6.2.6 Step 5 (Truncation Operation) 5 6.3 Efficiency 5 7 MAC algorithm 2 (HMAC) 6 7.1 General 6 7.2 Description of MAC Algorithm 2 6 7.2.1 General 6 7.2.2 Step 1 (Key Expansion) 6 7.2.3 Step 2 (Hash Operation) 6 7.2.4 Step 3 (Output Transformation) 6 7.2.5 Step 4 (Truncation Operation) 6 7.3 Efficiency 6 8 MAC algorithm 3 (variant of MDx-MAC) 7 8.1 General 7 8.2 Description of MAC Algorithm 3 7 8.2.1 General 7 8.2.2 Step 1 (Key Expansion) 7 8.2.3 Step 2 (Modify constants and initial values) 7 8.2.4 Step 3 (Filling) 7 8.2.5 Step 4 (applying the round function) 8 8.2.6 Step 5 (Truncation Operation) 8 8.3 Efficiency 8 9 Calculation of constants 8 9.1 Overview 8 9.2 SM3 cryptographic hash function 8 Appendix A (Informative) Security Analysis of MAC Algorithm 9 Appendix B (Normative) Object Identifiers 11 Appendix C (Informative) Test Vector 13 Reference 17ForewordThis document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for standardization work Part 1.Structure and drafting rules for standardization documents" Drafting. This document is Part 2 of GB/T 15852.GB/T 15852 has been published in the following parts. --- Information technology security techniques Message authentication code Part 1.Mechanisms using block ciphers; --- Network security technology Message authentication code Part 2.Mechanism using specially designed hash functions; --- Information technology security techniques Message authentication code Part 3.Mechanisms using generalized hash functions. This document replaces GB/T 15852.2-2012 "Information technology security technology message authentication code Part 2.Using dedicated hash Compared with GB/T 15852.2-2012, in addition to structural adjustments and editorial changes, the main technical changes are as follows. a) Added the terms "entropy", "input data bit string", "security strength" and their definitions, and changed the terms "hash function", "padding", "initialization" and "initialization" The definitions of "value", "round function", "group", and "word" have been changed, and the terms "collision-resistant hash function" and "message bit string" have been deleted (see Chapter 3,.2012 Chapter 3 of the.2001 edition); b) The symbol D' was deleted, and the symbols h, K', K0, K1, K2, K, K1, K2, R, S0, S1, S2, T0, T1, T2, U0, U1, The definitions of U2, ϕ', K1[i], and H are updated with the symbol w, (see Chapter 4, Chapter 4 of the.2012 edition); c) Changed the range of optional hash functions, and changed the description and constants of specially designed hash functions in the algorithm description Calculation (see Chapters 5 to 9, Chapters 5 to 9 of the.2012 edition); d) Added instructions on MAC value and input data string length limit (see Chapter 5); e) Added the general rules for MAC algorithm, added the description of MAC algorithm key length and input data bit string length (see 6.1, 7.1, 8.1); f) Added general rules and step annotations for MAC algorithm description (see 6.2, 7.2, 8.2); g) Added descriptions of MAC Algorithm 1 and MAC Algorithm 3 using the SM3 cryptographic hash algorithm and the corresponding constant calculations (see Chapters 6 to 9); Deleted the description of other specially designed hash functions and the corresponding constant calculations (see.2012 Chapter 6 to Chapter 9 of the version) h) Changed the description of the security proof of MAC algorithm 2 (see Appendix A, Appendix B of the.2012 edition). Please note that some of the contents of this document may involve patents. The issuing organization of this document does not assume the responsibility for identifying patents. This document was proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260). This document was drafted by. Institute of Software, Chinese Academy of Sciences, China Electronics Technology Network Security Technology Co., Ltd., University of Chinese Academy of Sciences, The National Cryptography Administration Commercial Cryptography Testing Center, Guilin University of Electronic Technology, Guangxi Netcom Information Technology Co., Ltd., Geer Software Co., Ltd. Co., Ltd., Xingtang Communication Technology Co., Ltd., Zhengzhou Xindajiean Information Technology Co., Ltd., Beijing Shidai Xinwei Information Technology Co., Ltd. Beijing Times Yixin Technology Co., Ltd., Changyang Technology (Beijing) Co., Ltd., China Electronics Technology Group Corporation 15th Research Institute Institute, Zhejiang Dahua Technology Co., Ltd., Shaanxi Information Engineering Research Institute, and Huawei Technologies Co., Ltd. The main drafters of this document are. Wu Wenling, Sui Han, Zhang Liting, Liu Limin, Sun Siwei, Luo Peng, Mao Yingying, Zhang Lei, Zheng Yafei, Wei Yongzhuang, Wei Bohua, Zheng Qiang, Cai Zifan, Liu Weihua, Wang Lianqiang, Liu Weifeng, Zhao Hua, Li Yanjun, Wei Dong, Zhao Xiaorong, Zeng Guang. The previous versions of this document and the documents it replaces are as follows. ---First published in.2012 as GB/T 15852.2-2012; ---This is the first revision.IntroductionMessage authentication codes can protect the integrity of data and verify the source of data. The code is. in the design process, a specially designed hash function (such as SM3, etc.) or its round function is used as the main component, through a certain number of iterations The message authentication code formed by the mechanism. GB/T 15852 is intended to be divided into the following parts. --- Part 1.Mechanisms using block ciphers. The purpose is to specify message authentication codes using block ciphers. --- Part 2.Mechanisms using specially designed hash functions. The purpose is to specify the message using specially designed hash functions Identification code. --- Part 3.Mechanisms using generalized hash functions. The purpose is to specify message authentication codes using generalized hash functions. Network security technology message authentication code Part 2.Mechanisms using specially designed hash functions1 ScopeThis document specifies the user requirements for message authentication codes (MACs) using specially designed hash functions. A message authentication code algorithm based on a hash function designed by the gate. NOTE 1 These message authentication algorithms can be used to verify data integrity and to check whether data has been altered in an unauthorized manner. This document applies to security architectures, processes and application security services. Note 2.The first MAC algorithm defined in this document is usually called MDx-MAC. It calls the complete hash function once, but does a The second MAC algorithm is usually called HMAC, which calls The third MAC algorithm is a variant of MDx-MAC, which limits the input length to no more than 256 bits. In case of short input, it has better performance.2 Normative referencesThe contents of the following documents constitute essential clauses of this document through normative references in this document. For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to This document. GB/T 18238.3-2024 Network security technology hash functions Part 3.Specially designed hash functions GB/T 25069-2022 Information Security Technical Terminology GB/T 32905-2016 Information security technology SM3 cryptographic hash algorithm3 Terms and definitionsThe terms and definitions defined in GB/T 25069-2022 and the following apply to this document. 3.1 Entropy A measure of disorder, randomness, or variability in a closed system. Note. The entropy of a random variable X is a quantitative measure of the amount of information obtained by observing X. [Source. ISO /IEC 18031.2011, 3.11] 3.2 Hash-function A function that maps a bit string of arbitrary length to a bit string of fixed length satisfies the following properties. ---Given an output bit string, it is computationally infeasible to find an input bit string that produces the output bit string; ---Given an input bit string, it is computationally infeasible to find another different input bit string that produces the same output bit string. [Source. GB/T 25069-2022, 3.505, modified] 3.3 Input data string inputdatastring Input MAC algorithm bit string. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 15852.2-2024_English be delivered?Answer: Upon your order, we will start to translate GB/T 15852.2-2024_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 15852.2-2024_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 15852.2-2024_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version GB/T 15852.2-2024?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 15852.2-2024 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
