|
US$869.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 32213-2015: Information security technology -- Public key infrastructure -- Specification for remote password authentication and key establishment
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 32213-2015 | English | 869 |
Add to Cart
|
6 days [Need to translate]
|
Information security technology -- Public key infrastructure -- Specification for remote password authentication and key establishment
| Valid |
GB/T 32213-2015
|
PDF similar to GB/T 32213-2015
Basic data | Standard ID | GB/T 32213-2015 (GB/T32213-2015) | | Description (Translated English) | Information security technology -- Public key infrastructure -- Specification for remote password authentication and key establishment | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 41,419 | | Date of Issue | 2015-12-10 | | Date of Implementation | 2016-08-01 | | Quoted Standard | GB/T 18238.3-2002; GB/T 25069-2010 | | Regulation (derived from) | National Standard Announcement 2015 No.38 | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This standard specifies the mathematical definition and structure identification and key establishment protocols based on asymmetric cryptography technology for remote password. This standard applies to the use of established technology identification system based password authentication and key design and development. | GB/T 32213-2015: Information security technology -- Public key infrastructure -- Specification for remote password authentication and key establishment
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Public key infrastructure - Specification for remote password authentication and key establishment
ICS 35.040
L80
National Standards of People's Republic of China
Information security technology - Public key infrastructure
Remote password authentication and key establishment Specification
Issued on. 2015-12-10
2016-08-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Introduction Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions
4 Abbreviations 2
5 Symbol 2
6 Document Conventions 3
6.1 3 brackets
6.2 Step 4 and order
6.3 Method Parameter 4
6.4 Participants 4
7 mathematical definition 4
7.1 Operational Group 4
7.2 discrete logarithm system 4
7.3 Elliptic Curve System 5
8 Model 5
8.1 Overview 5
8.2 Primitives 6
8.3 Protocol 6
8.4 cryptographic function 7
9 primitive 7
9.1 Overview 7
9.2 7 primitive data type conversion
9.3 Public Key generated passwords associated primitive 8
9.4 Public Key generated primitive 10
9.5 password verification data generating primitive 11
9.6 Export primitive random elements 12
9.7 Export primitive secret value 14
9.8 Key retrieval primitives 18
10 19 Password Authentication key establishment protocol
10.1 BPKA-1 19
10.2 BPKA-2 20
10.3 BPKA-3 22
10.4 APKA-1 24
10.5 [DL] APKA- {2,3} 26
10.6 [EC] APKA-4 27
10.7 APKA-5 29
10.8 PKR-1 31
11 cryptographic function 32
11.1 hash function 32
11.2 mask generation function 32
11.3 33 function keys confirmed
11.4 yuan multiplication generating function 33
11.5 key derivation primitive 34
References 36
Foreword
This standard was drafted in accordance with GB/T 1.1-2009 given rules.
Please note that some of the content of this document may involve patents. Release mechanism of the present document does not assume responsibility for the identification of these patents.
This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points.
This standard was drafted. Institute of Software, Chinese Academy of Sciences, China Electronics Standardization Institute.
The main drafters. Zhang Liwu, FENG Deng, Zhang Zhenfeng, Gao Zhigang, Jingji Wu, Zhang Yan, Wang Peng Pina, Li Qiang, Duan Mei Jiao, high-energy,
Chen Xing.
Introduction
At present, the password-based entity authentication technology is the most widely used identification technology, and can be expected in the future for quite some time yet
It will serve as an important identification techniques exist. This is because the password is easy to remember, no additional carrier, easy to use; another
Aspects of password-based authentication protocols are usually simple and efficient for the user a huge amount of information systems. However, since the password is generally printable
The ASCII characters, choose a smaller space, so secure password-based authentication protocol design and implementation more difficult. Others do not
Factors benefit is that users tend to choose easy to remember and easy to use with a specific meaning word or phrase as a password, easier
Been affected dictionary attacks. Therefore, the choice when building secure password-based authentication system for password authentication protocol becomes particularly important.
Development of asymmetric cryptography provides a new direction for building construction protocol password-based authentication and key. By knot
Co asymmetric cryptography and password can construct a more secure password authentication key establishment protocols, and can provide resistance to offline brute-force attack, resist the word
Code of attack, forward security, safety and other important properties. The standard number of selected after extensive theoretical analysis and application verification protocol definitions
Mathematical basis of these agreements, the agreement process. This standard is based on design and development of password authentication system provides a reference.
Information security technology - Public key infrastructure
Remote password authentication and key establishment Specification
1 Scope
This standard defines the mathematical definition and structure identification and key establishment protocols based on asymmetric cryptography technology for remote password.
This standard applies to the use of established technology identification system based password authentication and key design and development.
2 Normative references
The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein
Member. For undated references, the latest edition (including any amendments) applies to this document.
GB/T 18238.3-2002 Information technology - Security techniques - Hash - functions - Part 3. Dedicated hash function
GB/T 25069-2010 Information security technology terms
3 Terms and Definitions
GB/T 25069-2010 define the following terms and definitions apply to this document.
3.1
Exhaustive password/brute force attack passwordexhaustiveattack/brute-forceattack
By trying all possible password values, in order to obtain the actual password, and implementation of information security policy violation behavior.
3.2
Password cracking passwordcrack
Successful exhaustive/password brute-force attacks and password-related secret data or a successful attack on a password system password.
3.3
Multiple Hash iteratedhash
Repeatedly using a hash function for input hash calculation approach.
3.4
Low-grade password lowgradepassword
Susceptible to brute-force password/password brute-force attacks.
3.5
Password associated public password-entangledpublickey
Calculated from the public key and private key password.
3.6
Password Restrictions private password-limitedprivatekey
Calculated from the private key password, the private key is completely random from the password, and the password to limit its randomness randomness by.
3.7
Password restrictions public password-limitedpublickey
Restrictions from password authentication password for the private key to generate the correctness of the data.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 32213-2015_English be delivered?Answer: Upon your order, we will start to translate GB/T 32213-2015_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 32213-2015_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 32213-2015_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|