GM/T 0021-2023 English PDFUS$579.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email. GM/T 0021-2023: (Dynamic password application technical specifications) Status: Valid GM/T 0021: Historical versions
Basic dataStandard ID: GM/T 0021-2023 (GM/T0021-2023)Description (Translated English): (Dynamic password application technical specifications) Sector / Industry: Chinese Industry Standard (Recommended) Word Count Estimation: 28,297 Date of Issue: 2023-12-04 Date of Implementation: 2024-06-01 Issuing agency(ies): State Administration of Cryptography GM/T 0021-2012: One time password application of cryptography algorithm---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.One time password application of cryptography algorithm ICS 35.040 L80 Record number. 38319-2013 People's Republic of China Password Industry Standard Dynamic password password application specifications 2012-11-22 released 2012-11-22 implementation Issued by the National Cryptography Administration .Contents Preface Ⅲ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Symbol 3 5 Dynamic password system 4 5.1 Overview 4 5.2 Overall Framework 4 5.3 Brief description of basic authentication principles 5 6 Dynamic password generation method 6 6.1 Overview 6 6.2 Algorithm instructions 6 6.3 Truncation Algorithm 7 7 Dynamic token characteristics 8 7.1 Token hardware requirements 8 7.2 Token Security Features 9 8 Authentication system 10 8.1 System description 10 8.2 Authentication system service 11 8.3 Authentication system management function 13 8.4 Safety requirements 13 9 Key Management System 14 9.1 Overview 14 9.2 System Architecture 14 9.3 Functional requirements 16 9.4 System Security Design 17 9.5 Hardware Password Device Interface Description 21 Appendix A (informative appendix) Dynamic password generation algorithm C language implementation use case 22 A.1 Use case of dynamic password generation algorithm using SM3 22 A.2 Use cases of dynamic password generation algorithm using SM4 27 Appendix B (informative appendix) Dynamic password generation algorithm calculation input and output use cases 34 B.1 Use case of input and output of dynamic password generation algorithm using SM3 34 B.2 Use cases of input and output of the dynamic password generation algorithm using SM4 34 Appendix C (informative appendix) Operation parameter and data description use case 36 Appendix D (informative appendix) Authentication system interface 37 D.1 Service message format 37 D.2 Service identification 39 D.3 Data identification 39 D.4 Return code 40 D.5 Application interface 41 ForewordThis standard was drafted in accordance with the rules given in GB/T 1.1-2009. Please note that certain contents of this standard may involve patents. The issuing agency of this document is not responsible for identifying these patents. Appendix A, Appendix B, Appendix C, and Appendix D of this standard are informative appendices. This standard was proposed and managed by the State Cryptography Administration. Drafting organizations of this standard. Shanghai Zhongren Network Security Technology Co., Ltd., Shanghai Fudan Microelectronics Co., Ltd., Feitian Chengxin Technology Co., Ltd., Beijing Jilian Network Technology Co., Ltd., Shanghai Huahong Integrated Circuit Co., Ltd., Shenzhen Tongfang Electronic Equipment Co., Ltd. Company, Shanghai Forest Fruit Industry Co., Ltd., Shanghai Geer Software Co., Ltd. The main drafters of this standard. Zhan Banghua, Tan Jianfeng, You Lei, Liu Xun, Chen Da, Guo Sijian, Zhang Zhimao, Li Tian, Niu Yi. All content related to cryptographic algorithms in this standard shall be implemented in accordance with relevant national regulations. Dynamic password password application specifications1 ScopeThis standard specifies the dynamic password system, dynamic password generation method, dynamic token characteristics, authentication system, key management system, etc. content. This standard applies to the development and production of dynamic password related products, and can also be used to guide the testing of related products.2 Normative referencesThe following documents are indispensable for the application of this document. For dated reference documents, only the dated version applies to this article For all undated references, the latest version (including all amendments) applies to this document. GB/T 2423.1-2008 Environmental testing of electric and electronic products Part 2.Test method Test A. Low temperature GB/T 2423.2-2008 Environmental testing of electric and electronic products Part 2.Test method Test B. High temperature GB/T 2423.8-1995 Environmental testing of electrical and electronic products Part 2.Test method Test Ed. Free fall GB/T 2423.9-2001 Environmental testing of electrical and electronic products Part 2.Test method for constant damp heat for testing Cb equipment GB/T 2423.10-2008 Environmental testing of electric and electronic products Part 2.Test method Test Fc. Vibration (sinusoidal) GB/T 2423.21-1991 Basic environmental test procedures for electrical and electronic products. Test M. Low-pressure test method GB/T 2423.22-2002 Environmental testing of electrical and electronic products Part 2.Test method N. Temperature change GB/T 2423.53-2005 Environmental testing of electrical and electronic products Part 2.Test method Test Xb is caused by hand friction Wear of marks and printed text GB/T 4208-2008 Enclosure protection grade (IP code) GB/T 17626.2-2006 Electromagnetic compatibility test and measurement technology Electrostatic discharge immunity test GB/T 18336.1-2008 Information Technology Security Technology Information Technology Security Evaluation Criteria Part 1.Introduction and General model GB/T 18336.2-2008 Information Technology Security Technology Information Technology Security Evaluation Criteria Part 2.Security Functions Claim GB/T 18336.3-2008 Information Technology Security Technology Information Technology Security Evaluation Criteria Part 3.Security Assurance Claim GB/T 21079.1-2007 Banking Security Encryption Equipment (Retail) Part 1.Concepts, Requirements and Evaluation Methods GM/T 0002-2012 SM4 block cipher algorithm GM/T 0004-2012 SM3 cryptographic hash algorithm GM/T 0005-2012 Random Number Testing Specification3 Terms and definitionsThe following terms and definitions apply to this document. 3.1 Dynamic token dynamicpasswordtoken;onetimepasswordtoken The carrier for generating and displaying dynamic passwords. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GM/T 0021-2023_English be delivered?Answer: Upon your order, we will start to translate GM/T 0021-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GM/T 0021-2023_English with my colleagues?Answer: Yes. The purchased PDF of GM/T 0021-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.Question 5: Should I purchase the latest version GM/T 0021-2023?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GM/T 0021-2023 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically. |
