Home Cart Quotation About-Us
www.ChineseStandard.net
SEARCH

GB/T 38636-2020 English PDF

Q: How long will the true-PDF of English version of GB/T 38636-2020 be delivered?

Upon your order, we will start to translate GB/T 38636-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GB/T 38636-2020_English with my colleagues?

Yes. The purchased PDF of GB/T 38636-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

US$629.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 38636-2020: Information security technology - Transport layer cryptography protocol (TLCP)
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 38636-2020	629	Add to Cart	6 days	Information security technology - Transport layer cryptography protocol (TLCP)	Valid

Similar standards

GB/T 38626 GB/T 38671 GB/T 38628

Basic data

Standard ID: GB/T 38636-2020 (GB/T38636-2020)
Description (Translated English): Information security technology - Transport layer cryptography protocol (TLCP)
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 34,352
Date of Issue: 2020-04-28
Date of Implementation: 2020-11-01
Quoted Standard: GB/T 20518; GB/T 35275; GB/T 35276
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration
Summary: This standard specifies transport layer cryptographic protocols, including record layer protocols, handshake protocol suites and key computation. This standard is applicable to the development of transport layer cryptographic protocol related products (such as SSL VPN gateways, browsers, etc.), and can also be used to guide the detection, management and use of transport layer cryptographic protocol related products.

GB/T 38636-2020: Information security technology - Transport layer cryptography protocol (TLCP)

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology--Transport layer cryptography protocol (TLCP) ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Transport Layer Cryptographic Protocol (TLCP) 2020-04-28 release 2020-11-01 implementation State Administration of Market Supervision and Administration Issued by the National Standardization Management Committee

Foreword I 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Symbols and abbreviations 1 5 Cryptographic algorithms and key types 2 5.1 Overview 2 5.2 Cryptographic algorithm 3 5.3 Key types 3 6 Agreement 4 6.1 Overview 4 6.2 Data type definition 4 6.3 Recording layer protocol 5 6.4 Handshake protocol family 10 6.5 Key calculation 23 Appendix A (Normative Appendix) GCM discernable encryption mode 24 Reference 31

Foreword

This standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that some content of this document may involve patents. The issuer of this document does not assume responsibility for identifying these patents. This standard is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260). This standard was drafted by. Shandong Dean Information Technology Co., Ltd., Gore Software Co., Ltd., Beijing Xinan Century Technology Co., Ltd. Division, Chengdu Weishitong Information Industry Co., Ltd., Changchun Jida Zhengyuan Information Technology Co., Ltd., Beijing Qiqi Intelligent Technology Co., Ltd. The company, Beijing Sanwei Xin'an Technology Development Co., Ltd., Beijing Haitai Fangyuan Technology Co., Ltd., and State Password Administration are in commercial password testing. Xin, Beijing Jiangnan Tianan Technology Co., Ltd., CICC Financial Certification Center Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd. The main drafters of this standard. Zheng Qiang, Ma Hongfu, Wang Zongbin, Luo Jun, Zhao Lili, Zhang Liting, Wang Xuelin, Tian Minqiu, Zhang Yuegong, Jiang Hongyu, Lu Chunmei, Li Guo, Sun Shengnan, Lei Xiaofeng. Information Security Technology Transport Layer Cryptographic Protocol (TLCP)

1 Scope

This standard specifies the transport layer cryptographic protocol, including the record layer protocol, handshake protocol family and key calculation. This standard applies to the development of transport layer cryptographic protocol related products (such as SSLVPN gateways, browsers, etc.), and can also be used to guide transmission The detection, management and use of products related to the layer cryptographic protocol.

2 Normative references

The following documents are essential for the application of this document. For dated references, only the dated version applies to this article Pieces. For the cited documents without date, the latest version (including all amendments) applies to this document. GB/T 20518 Information Security Technology Public Key Infrastructure Digital Certificate Format Specification GB/T 35275 Information Security Technology SM2 Cryptographic Algorithm Encrypted Signature Message Syntax Specification GB/T 35276 Information Security Technology SM2 Cryptographic Algorithm Usage Specification

3 Terms and definitions

The following terms and definitions apply to this document. 3.1 Digital certificate Contains public key owner information, public key, issuer information, validity period, and extension letter signed by a certificate certification authority (CA) A data structure of interest. Note. It can be divided into personal certificate, institution certificate and equipment certificate by category, and it can be divided into signature certificate and encryption certificate by usage. 3.2 IBC algorithm identitybased cryptography algorithm An asymmetric cryptographic algorithm that can use any identifier as the public key and does not need to use a digital certificate to prove the public key. 3.3 IBC logo IBCidentity A string representing the identity or attribute of an entity. 3.4 IBC public parameters Contains the public parameter information such as the name, operation curve, identification coding method and key generation algorithm of the IBC key management center. Note. The parameter information is used to convert the entity identification into a public key. 3.5 Initialization vector/value initializationvector; initializationvalue; IV In the password conversion, it is used as the starting data for data conversion to increase the security or synchronize the password devices.

4 Symbols and abbreviations

4.1 Symbol The following symbols apply to this document. . Tandem. ⊕. XOR operation. 0s. A bit string containing s '0' bits. CIPHK(X). The output of the packet ciphertext with key K and packet X. GCTRK(ICB,X). For the bit string X, the initial technical grouping is ICB, and the key is the output of the GCTR function K GHASHH(X). For GHASH with hash key H and bit string H. HMAC(X,Y). Perform cryptographic hash operation on Y with X as the key. incs(X). The incremental output of the rightmost s-bit of the bit string X. int(X). integer representation of the bit string X. len(X). the length of the bit string X. LSBs(X). The rightmost s-bit bit string of the bit string X. MSBs(X). The leftmost s-bit bit string of bit string X. X||Y. The connection between bit string X and bit string Y. A. Additional identifiable data. C. Cipher text. H. Hash subkey. K. Group key. P. Plain text. R. Constant used for group multiplication in the algorithm. T. Identification label. t. identify the length of the label. 4.2 Abbreviations The following abbreviations apply to this document. AEAD. Authentication encryption with additional data (AuthenticatedEncryptionwithAddationData) ADD. Additional authentication data (AdditionalAuthenticatedData) CBC. CipherBlockChaining working mode CTR. Counter DN. Distinguished Name (DistinguishedName) GCM. Galois Counter Mode (GaloisCounterMode) HMAC. message authentication code (Hash-basedMessageAuthenticationCode) calculated using a hash algorithm IBC. Identity-Based Cryptography ICB. Initial Counter Block (InitialCounterBlock) IV. Initialization Vector LSB. Least Significant Bit MSB. Most Significant Bit (MostSignificantBit) TLCP. Transport Layer Cryptography Protocol (TransportLayerCryptographyProtocol) XOR. Exclusive-OR

5 Cryptographic algorithms and key types

5.1 Overview TLCP uses cryptographic technology to provide confidentiality and data integrity between two applications. The cryptographic algorithm used by the protocol Contains asymmetric cryptographic algorithms, block cipher algorithms, cryptographic hash algorithms, data expansion functions and pseudo-random functions Contains server key, client key, pre-master key, master key and work key. 5.2 Cryptographic algorithm 5.2.1 Asymmetric cryptographic algorithm Used for identity authentication, digital signature, key exchange, etc. 5.2.2 Block cipher algorithm It is used for encryption protection of key exchange data and encryption protection of message data. The working mode adopted should be GCM or CBC mode. 5.2.3 Password hashing algorithm Used for symmetric key generation and integrity verification. 5.2.4 Data expansion function P_hash The P_hash function is defined as follows. P_hash(secret,seed) = HMAC(secret,A(1) seed) HMAC(secret, A(2) seed) HMAC(secret, A(3) seed) .. among them. The secret is the key required for the calculation. The seed is the data required for the calculation. A(0)=seed A(i) = HMAC(secret, A(i-1)) P_hash can iterate repeatedly until it produces data of the required length. 5.2.5 PRF The calculation method of PRF is as follows. PRF(secret,label,seed)=P_hash(secret,label seed) 5.3 Key types 5.3.1 Overview Asymmetric cryptographic algorithm is used for identity authentication and key exchange. After the identity authentication is passed, the pre-master key is negotiated. Key, and then derive the working key. Use the working key for encryption and decryption and integrity verification. 5.3.2 Server key The server key is an asymmetric cryptographic algorithm key pair, including a signing key pair and an encryption key pair, where the signing key is used for handshake In the process of server identity authentication, encryption key pair is used for pre-master key negotiation. 5.3.3 Client key The client key is an asymmetric cryptographic algorithm key pair, including a signing key pair and an encryption key pair, where the signing key is used for handshake In the process of client identity authentication, encryption key pair is used for pre-master key negotiation. 5.3.4 Pre-master key The pre-master key (pre_master_secret) is the key material generated by the two parties through negotiation and is used to generate the master key. 5.3.5 Master key The master key (master_secret) is generated by the pre-master key, the client random number, the server random number, and the constant string. The 48-byte key material is used to generate a working key. 5.3.6 Work key The working key includes a data encryption key and a verification key. The data encryption key is used for data encryption and decryption, and the verification key is used For data integrity calculation and verification. The work key used by the sender is called the write key, and the work key used by the receiver is called the read key.

6 Agreement

6.1 Overview TLCP includes record layer protocol and handshake protocol family. The handshake protocol family includes password specification change protocol, alarm protocol and handshake protocol. 6.2 Data type definition 6.2.1 Basic data types Six basic data types are defined, namely opaque, uint8, uint16, uint24, uint32, uint64.All types The network byte order indicates that the minimum data size is an 8-bit byte. opaque. any type of data, 1 byte. uint8.Unsigned 8-bit integer, 1 byte. uint16.Unsigned 16-bit integer, 2 bytes. uint24.Unsigned 24-bit integer, 3 bytes. uint32.Unsigned 32-bit integer, 4 bytes. uint64.Unsigned 64-bit integer, 8 bytes. 6.2.2 Vector Vectors are data sequences of a given type. There are two types of vectors. fixed length and variable length. The fixed-length vector is represented by [x]; variable length Vector \u003cx.y\u003e To indicate, where x represents the lower limit and y represents the upper limit, if only the upper limit needs to be expressed, use \u003cy\u003e Said. The length of all vectors Degrees are in bytes. The variable-length vector header represents the actual length of the vector, and the size of the header is the maximum that can accommodate the maximum length of the variable-length vector The number of small bytes. 6.2.3 Enumerated types Enumerated (Enumerateds) is a series of specific value field collection, usually each field includes a name and value. If it contains An unnamed value, this value represents the specified maximum value. If only the name is included and no value is defined, it can only be used to refer to the status value, not Can be used in actual coding. For example, enum{red(0), green(1), (255)}color. The size of the enumeration variable can accommodate the largest enumeration The minimum number of bytes for the value. 6.2.4 Structure type Structured types (ConstructedTypes) are defined by struct, which is similar to the C language struct syntax. The fields in the struct are pressed Encode in series according to the order. If a struct is included in another struct, you can omit the name of the struct. 6.2.5 Variation type Variants are defined with select and case, and are used to define structures that depend on external information to change, similar to C language CHOICE of union or ASN.1. 6.3 Record layer protocol 6.3.1 Overview The record layer protocol is hierarchical, and each layer includes a length field, a description field and a content field. Record layer protocol reception will be transmitted The input message divides the data into blocks, compresses (optional), calculates HMAC, encrypts, and then transmits. The received data is decrypted, verified, and decompressed Shrink (optional), repackage and then transfer to high-level applications. Record layer protocols include. handshake, alarm, password specification change and other types. In order to support the expansion of the protocol, the record layer protocol can support other Record type. Any new record type should be assigned in addition to the content type value assigned to the above type. If you receive a Unrecognized record types should be ignored. 6.3.2 Connection status The connection status is the operating environment of the record layer protocol. Includes four typical connection states. current read state, write state, pending read state Status, pending write status. Among them, reading means receiving data, writing means sending data. All records are processed in the current read and write state. The security parameters of the pending state can be set by the handshake protocol, and the password specification change message can change the pending state to the current state. Except the most In addition to the initial current state, the current state should include negotiated security parameters. The safety parameter structure of the connection status is as follows. struct{ ConnectionEnd entity; BulkCipherAlgorithm bulk_cipher_algorithm; CipherType cipher_type; uint8 key_material_length; MACAlgorithm mac_algorithm; uint8 hash_size; CompressionMethod compression_algorithm; opaque master_secret[48]; opaque client_random[32]; opaque server_random[32]; uint8 record_iv_length; uint8 fixed_iv_length; uint8 mac_length; }SecurityParameters; among them. a) ConnectionEnd Represents the role of the local end in the connection, as a client or server. defined as. enum{server,client}ConnectionEnd. b) BulkCipherAlgorithm Cryptographic algorithm used for data encryption and decryption. defined as. enum{sm4}BulkCipherAlgorithm. c) CipherType Represents the type of cryptographic algorithm. defined as. enum{block}CipherType. d) key_material_length Represents the length of key material. e) MACAlgorithm A cryptographic hash algorithm used to calculate and verify the integrity of messages. defined as. enum{sha_256,sm3}MACAlgorithm. f) hash_size Indicates the length of the hash. g) CompressionMethod Algorithm used for data compression. defined as. enum{nul(0),(255)}CompressionMethod. h) master_secret A 48-byte key calculated by the pre-master key, client random number, and server random number during the negotiation process i) client_random 32 bytes of random data generated by the client. j) server_random 32 bytes of random data generated by the server. k) record_iv_length The length of the initial vector. l) fixed_iv_length Fixed initial vector length. m) mac_length MAC length. The recording layer will use the above security parameters to generate the following. ---Client write verification key clientwriteMACsecret. ---The server writes the verification key serverwriteMACsecret. ---Client write key clientwritekey. ---Server write key server write key. ---Client write initial vector clientwriteiv. ---Server write initial vector serverwriteiv. The server uses the client to write parameters when receiving and processing records, and the server uses the server to write parameters when receiving and processing records. Yongan For full-parameter algorithm for generating these keys, see 6.5.After the key is generated, the connection state can be changed to the current state. 6.3.3 Record layer 6.3.3.1 Overview The recording layer receives non-empty continuous data of any size from the upper layer, segments the data, compresses it, calculates the check code, encrypts it, and transmits it. The received data is decrypted, verified, decompressed, repackaged, and then transmitted to high-level applications. 6.3.3.2 Segment The recording layer divides the data into 214-byte or smaller segments. The structure of each fragment is as follows. struct{ ContentTypetype; ProtocolVersionversion; uint16length; opaquefragment[TLSPlaintext.length]; }TLSPlaintext; among them. a) Type. The recording layer protocol type of the fragment. defined as. enum{ change_cipher_spec(20), alert(21), handshake(22), application_data(23),(255) }ContentType; b) Version. The version number of the protocol used. The version number here is 1.1.defined as. struct{ uint8major=0x01, uint8minor=0x01; }ProtocolVersion; c) length The fragment length in bytes is less than or equal to 214. d) fragment The data to be transferred. The record layer protocol does not care about the specific data content. 6.3.3.3 Compression and decompression All records are compressed using the compression algorithm specified by the current session state. The compression algorithm specified by the current session state is initialized Turned into an empty algorithm. The compression algorithm converts the data of a TLS Plaintext structure into the data of a TLS Compressed structure. The compressed data length can only increase up to 1024 bytes. If the length of the decompressed data exceeds 214 bytes, the report Report a fatal error decompressionfailure. The compressed data structure is as follows. struct{ ContentTypetype; ProtocolVersionversion; uint16length; opaquefragment[TLSCompressed.length]; }TLSCompressed; among them. a) The definitions of type and version are the same as a) and b) in 6.3.3.2. b) length The length of TLSCompressed.fragment in bytes is less than or equal to 214 1024. c) fragment The compressed form of TLSPlaintext.fragment. 6.3.3.4 Encryption and verification 6.3.3.4.1 Overview Encryption and verification operations convert data from a TLSCompressed structure to data from a TLSCiphertext structure. The decryption operation performs the opposite operation. The encrypted data structure is as follows. struct{ ContentTypetype; ProtocolVersionversion; uint16length; select(CipherSpec.cipher_type){ caseblock.GenericBlockCipher; caseaead.GenericAEADCipher; }fragment; }TLSCiphertext; among them. a) The definitions of type and version are the same as a) and b) in 6.3.3.2. b) length The length of TLSCiphertext.fragment in bytes is less than or equal to 214 2048. c) fragment TLSCompressed.fragment encryption form with check code. 6.3.3.4.2 Data processing of the verification algorithm The verification code is calculated before encryption, and the calculation method is as follows. HMAC_hash(MAC_write_secret,seq_num TLSCompressed.type TLSCompressed.version TLSCompressed.length TLSCompressed.fragment) among them. a) seq_num serial number. Each read and write state maintains a monotonically increasing serial number. The type of serial number is uint64, serial number The initial value is zero, and the maximum cannot exceed 264-1.The serial number cannot be rewound. If the serial number overflows, it should be restarted Shaking hands. b) hash The hash algorithm used when calculating the check code. 6.3.3.4.3 Data processing of block cipher algorithm When using the block cipher algorithm to encrypt and decrypt data, the encryption operation and check operation are used to combine a TLSCompressed.fragment The structured data is converted into a TLSCiphertext.fragment structure data. The encrypted data includes the result of the check operation. The data structur......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 38636-2020_English be delivered?

Answer: Upon your order, we will start to translate GB/T 38636-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 38636-2020_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 38636-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.