DOCSLIB.ORG

Recommendation for Pair-Wise Key Establishment

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-56B Title: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography Publication Date(s): August 2009 Withdrawal Date: September 30, 2014 Withdrawal Note: SP 800-56B is superseded in its entirety by the publication of SP 800-56B Revision 1 (September 2014). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-56B Revision 1 Title: Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography Author(s): Elaine Barker, Lily Chen, Dustin Moody Publication Date(s): September 2014 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.800-56Br1 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-56B Revision 1 (as of July 15, 2015) attached publication: Related information: http://csrc.nist.gov/groups/ST/toolkit/key_management.html Withdrawal N/A announcement (link): Date updated: JuůLJϭϱ, 2015 NIST Special Publication 800-56B Recommendation for Pair-Wise August 2009 Key Establishment Schemes Using Integer Factorization Cryptography Elaine Barker, Lily Chen, Andrew Regenscheid, and Miles Smid C O M P U T E R S E C U R I T Y NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 Abstract This Recommendation specifies key establishment schemes using integer factorization cryptography, based on ANS X9.44, Key Establishment using Integer Factorization Cryptography [12], which was developed by the Accredited Standards Committee (ASC) X9, Inc. KEY WORDS: assurances; integer factorization cryptography; key agreement; key confirmation; key derivation; key establishment; key management; key recovery; key transport. 2 NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 Acknowledgements The National Institute of Standards and Technology (NIST) gratefully acknowledges and appreciates contributions by Rich Davis from the National Security Agency concerning the many security issues associated with this Recommendation. NIST also thanks the many contributions by the public and private sectors whose thoughtful and constructive comments improved the quality and usefulness of this publication. 3 NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 Authority This document has been developed by the National Institute of Standards and Technology (NIST) in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all agency operations and assets, but such standards and guidelines shall not apply to national security systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in A-130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in A-130, Appendix III. This Recommendation has been prepared for use by federal agencies. It may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright. (Attribution would be appreciated by NIST.) Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. Conformance testing for implementations of key establishment schemes, as specified in this Recommendation, will be conducted within the framework of the Cryptographic Module Validation Program (CMVP), a joint effort of NIST and the Communications Security Establishment Canada. An implementation of a key establishment scheme must adhere to the requirements in this Recommendation in order to be validated under the CMVP. The requirements of this Recommendation are indicated by the word “shall.” 4 NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 Table of Contents 1 Introduction.........................................................................................................10 2 Scope and Purpose ..............................................................................................10 3 Definitions, Symbols and Abbreviations............................................................11 3.1 Definitions...................................................................................................................... 11 3.2 Symbols and Abbreviations ........................................................................................... 18 4 Key Establishment Schemes Overview..............................................................24 4.1 Key Establishment Preparations by an Owner............................................................... 24 4.2 Key Agreement Process................................................................................................. 26 4.3 IFC-based Key Transport Process ................................................................................. 27 5 Cryptographic Elements .....................................................................................29 5.1 Cryptographic Hash Functions ...................................................................................... 29 5.2 Message Authentication Code (MAC) Algorithm......................................................... 29 5.2.1 MacTag Computation ........................................................................................ 29 5.2.2 MacTag Checking.............................................................................................. 30 5.2.3 Implementation Validation Message ................................................................. 30 5.3 Random Bit Generation ................................................................................................. 30 5.4 Prime Number Generators ............................................................................................. 30 5.5 Primality Testing Methods............................................................................................. 31 5.6 Nonces............................................................................................................................ 31 5.7 Symmetric Key-Wrapping Algorithms.......................................................................... 31 5.8 Mask Generation Function (MGF) ................................................................................ 32 5.9 Key Derivation Functions for Key Establishment Schemes.......................................... 33 5.9.1 Concatenation Key Derivation Function (Approved Alternative 1).................. 34 5.9.2 ASN.1 Key Derivation Function (Approved Alternative 2).............................. 36 6 RSA Key Pairs ....................................................................................................39 5 NIST SP 800-56B: Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography August 2009 6.1 General Requirements.................................................................................................... 39 6.2 Criteria for RSA Key Pairs for Key Establishment ....................................................... 40 6.2.1 Definition of a Key Pair..................................................................................... 40 6.2.2 Formats .............................................................................................................. 41 6.2.3 Parameter Length Sets ....................................................................................... 42 6.3 RSA Key Pair Generators .............................................................................................. 43 6.3.1 RSAKPG1 Family: RSA Key Pair Generation with a Fixed Public Exponent . 43 6.3.2 RSAKPG2 Family: RSA Key Pair Generation with a Random Public Exponent ............................................................................................................................ 45 6.4 Assurances of Validity................................................................................................... 48 6.4.1 Assurance of Key Pair Validity ......................................................................... 48 6.4.2 Recipient Assurances of Public Key Validity.................................................... 55 6.5 Assurances of Private Key Possession........................................................................... 56 6.5.1 Owner Assurance of Private Key Possession .................................................... 56 6.5.2 Recipient Assurance of Owner’s Possession of a Private Key.......................... 57 6.6 Key Confirmation .........................................................................................................
Recommended publications
  • Guidelines on Cryptographic Algorithms Usage and Key Management

    Guidelines on Cryptographic Algorithms Usage and Key Management

    EPC342-08 Version 7.0 4 November 2017 [X] Public – [ ] Internal Use – [ ] Confidential – [ ] Strictest Confidence Distribution: Publicly available GUIDELINES ON CRYPTOGRAPHIC ALGORITHMS USAGE AND KEY MANAGEMENT Abstract This document defines guidelines on cryptographic algorithms usage and key management. Document Reference EPC342-08 Issue Version 7.0 Date of Issue 22 November 2017 Reason for Issue Maintenance of document Produced by EPC Authorised by EPC Document History This document was first produced by ECBS as TR 406, with its latest ECBS version published in September 2005. The document has been handed over to the EPC which is responsible for its yearly maintenance. DISCLAIMER: Whilst the European Payments Council (EPC) has used its best endeavours to make sure that all the information, data, documentation (including references) and other material in the present document are accurate and complete, it does not accept liability for any errors or omissions. EPC will not be liable for any claims or losses of any nature arising directly or indirectly from use of the information, data, documentation or other material in the present document. Conseil Européen des Paiements AISBL– Cours Saint-Michel 30A – B 1040 Brussels Tel: +32 2 733 35 33 – Fax: +32 2 736 49 88 Enterprise N° 0873.268.927 – www.epc-cep.eu – [email protected] © 2016 Copyright European Payments Council (EPC) AISBL: Reproduction for non-commercial purposes is authorised, with acknowledgement of the source Table of Content MANAGEMENT SUMMARY ............................................................. 5 1 INTRODUCTION .................................................................... 7 1.1 Scope of the document ...................................................... 7 1.2 Document structure .......................................................... 7 1.3 Recommendations ............................................................ 8 1.4 Implementation best practices .........................................
  • Newhope: a Mobile Implementation of a Post-Quantum Cryptographic Key Encapsulation Mechanism

    Newhope: a Mobile Implementation of a Post-Quantum Cryptographic Key Encapsulation Mechanism

    Air Force Institute of Technology AFIT Scholar Theses and Dissertations Student Graduate Works 3-26-2020 NewHope: A Mobile Implementation of a Post-Quantum Cryptographic Key Encapsulation Mechanism Jessica A. Switzler Follow this and additional works at: https://scholar.afit.edu/etd Part of the Computer Sciences Commons Recommended Citation Switzler, Jessica A., "NewHope: A Mobile Implementation of a Post-Quantum Cryptographic Key Encapsulation Mechanism" (2020). Theses and Dissertations. 3190. https://scholar.afit.edu/etd/3190 This Thesis is brought to you for free and open access by the Student Graduate Works at AFIT Scholar. It has been accepted for inclusion in Theses and Dissertations by an authorized administrator of AFIT Scholar. For more information, please contact [email protected]. NewHope: A Mobile Implementation of a Post-Quantum Crytographic Key Encapsulation Mechanism THESIS Jessica A. Switzler AFIT-ENG-MS-20-M-063 DEPARTMENT OF THE AIR FORCE AIR UNIVERSITY AIR FORCE INSTITUTE OF TECHNOLOGY Wright-Patterson Air Force Base, Ohio DISTRIBUTION STATEMENT A APPROVED FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED. The views expressed in this document are those of the author and do not reflect the official policy or position of the United States Air Force, the United States Department of Defense or the United States Government. This material is declared a work of the U.S. Government and is not subject to copyright protection in the United States. AFIT-ENG-MS-20-M-063 NewHope: A Mobile Implementation of a Post-Quantum Crytographic Key Encapsulation Mechanism THESIS Presented to the Faculty Department of Electrical and Computer Engineering Graduate School of Engineering and Management Air Force Institute of Technology Air University Air Education and Training Command in Partial Fulfillment of the Requirements for the Degree of Master of Science in Cyber Operations Jessica A.
  • Guidelines on Cryptographic Algorithms Usage and Key Management

    Guidelines on Cryptographic Algorithms Usage and Key Management

    EPC342-08 Version 8.0 18 December 2018 [X] Public – [ ] Internal Use – [ ] Confidential – [ ] Strictest Confidence Distribution: Publicly available GUIDELINES ON CRYPTOGRAPHIC ALGORITHMS USAGE AND KEY MANAGEMENT Abstract This document defines guidelines on cryptographic algorithms usage and key management. Document EPC342-08 Reference Issue Version 8.0 Date of Issue 18 December 2018 Reason for Issue Publication on EPC website Produced by PSSG Authorised by EPC Conseil Européen des Paiements AISBL– Cours Saint-Michel 30A – B 1040 Brussels Tel: +32 2 733 35 33 – Fax: +32 2 736 49 88 Enterprise N° 0873.268.927 – www.epc-cep.eu – [email protected] © 2016 Copyright European Payments Council (EPC) AISBL: Reproduction for non-commercial purposes is authorised, with acknowledgement of the source Document History This document was first produced by ECBS as TR 406, with its latest ECBS version published in September 2005. The document has been handed over to the EPC which is responsible for its yearly maintenance. DISCLAIMER: Whilst the European Payments Council (EPC) has used its best endeavours to make sure that all the information, data, documentation (including references) and other material in the present document are accurate and complete, it does not accept liability for any errors or omissions. EPC will not be liable for any claims or losses of any nature arising directly or indirectly from use of the information, data, documentation or other material in the present document. 2 EPC342-08 v8.0 Approved Guidelines on cryptographic algorithms usage and key management_final TABLE OF CONTENT MANAGEMENT SUMMARY ....................................................................................................... 6 1 INTRODUCTION ................................................................................................................ 8 1.1 Scope of the document .............................................................
  • Rabin-P Key Encapsulation Mechanism a Proposal for Public Key Encryption for Cybersecurity Malaysia Myseal Initiative

    Rabin-P Key Encapsulation Mechanism a Proposal for Public Key Encryption for Cybersecurity Malaysia Myseal Initiative

    Rabin-p Key Encapsulation Mechanism A Proposal for Public Key Encryption for CyberSecurity Malaysia MySEAL Initiative January 2019 COVER SHEET 1. Name of proposed algorithm : Rabin-p Key Encapsulation Mechanism 2. Principal submitter : Muhammad Asyraf Asbullah 3. Email : ma [email protected] 4. Organization : Institute for Mathematical Research, Universiti Putra Malaysia (UPM) 5. Postal Address : Institute for Mathematical Research (INSPEM), Uni- versiti Putra Malaysia, 43400 UPM, Serdang, Selangor, MALAYSIA 6. Inventor : Muhammad Asyraf Asbullah, Muhammad Rezal Kamel Ar- iffin, Zahari Mahad 7. Owner : Universiti Putra Malaysia Signature: Muhammad Asyraf Asbullah i Contents List of Tables v Abbreviations vi Abstract 1 Acknowledgement 2 MySEAL Requirements 3 1 Introduction 5 1.1 Background . .5 1.2 Design Rationale . .6 2 Rabin-p Cryptosystem: The Design 9 2.1 System Parameters . .9 2.2 Rabin-p Key Generation Algorithm . 10 2.3 Rabin-p Encryption Algorithm . 10 2.4 Rabin-p Decryption Algorithm . 11 2.5 Proof of Correctness for Rabin-p Decryption . 11 2.6 Toy Example . 15 3 Rabin-p Cryptosystem: The Analysis 16 3.1 Reduction to Factoring N = p2q ................. 16 3.1.1 Algorithm for Factoring N = p2q ............ 17 3.1.2 A Toy Example . 18 ii 3.2 Computational Equivalent . 19 3.3 Analysis via Continued Fraction's Method . 20 3.4 Analysis via Coppersmith's Method . 22 3.5 Resistant to Novak's Attack . 23 3.6 Resistant to Chosen Ciphertext Attack . 24 4 Comparative Analysis 25 4.1 Security Level and Key Lengths . 25 4.2 Performance Efficiency . 27 4.2.1 Encryption . 27 4.2.2 Decryption .
  • A Proposal for an ISO Standard for Public Key Encryption (Version 2.0)

    A Proposal for an ISO Standard for Public Key Encryption (Version 2.0)

    A Proposal for an ISO Standard for Public Key Encryption (version 2.0) Victor Shoup IBM Zurich Research Lab, S¨aumerstr.4, 8803 R¨uschlikon,Switzerland [email protected] September 17, 2001 Abstract This document should be viewed less as a first draft of a standard for public-key encryption, and more as a proposal for what such a draft standard should contain. It is hoped that this proposal will serve as a basis for discussion, from which a consensus for a standard may be formed. Summary of Changes from version 1.1 (February 13, 2001) to ver- sion 2.0 (September 17, 2001) Some new and quite severe criticisms of the security of ECIES in certain modes of operation • have been added. Specifically, it is shown that in certain modes of operation, the scheme is malleable in a very strong and quite non-trivial sense. See 15 and in particular 15.6.4. x x The implementation of \cofactor mode" for ECIES is now based on the notion of \compatible • cofactor mode" in IEEE P1363a, and the \old cofactor mode" is no longer recommended. See 15 as well as 15.6.5. x x A new \primitive" called a data encapsulation mechanism has been introduced (see 4). This • primitive was implicit in previous versions, but now it has been made explicit. Thisx is mainly just a conceptual change. Note, however, that there is one slight change in the recommended implementation of the primitive (which we call DEM1); namely, the way in which the length of the label is formatted when passed to the MAC.
  • Establishment Schemes Using Integer Factorization Cryptography

    Establishment Schemes Using Integer Factorization Cryptography

    This publication is available free of charge from http://dx.doi.org/10.6028/NIST.SP.800-56Br1 NIST Special Publication 800-56B Revision 1 Recommendation for Pair-Wise Key- Establishment Schemes Using Integer Factorization Cryptography Elaine Barker Lily Chen Dustin Moody http://dx.doi.org/10.6028/NIST.SP.800-56Br1 C O M P U T E R S E C U R I T Y This publication is available free of charge from http://dx.doi.org/10.6028/NIST.SP.800-56Br1 NIST Special Publication 800-56B Revision 1 Recommendation for Pair-Wise Key- Establishment Schemes Using Integer Factorization Cryptography Elaine Barker Lily Chen Dustin Moody Computer Security Division Information Technology Laboratory This publication is available free of charge from: http://dx.doi.org/10.6028/NIST.SP.800-56Br1 September 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Willie May, Acting Under Secretary of Commerce for Standards and Technology and Acting Director This publication is available free of charge from http://dx.doi.org/10.6028/NIST.SP.800-56Br1 Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems.
  • NIST SP 800-56B Rev. 1

    NIST SP 800-56B Rev. 1

    Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-56B Rev. 1 Title: Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography Publication Date(s): September 2014 Withdrawal Date: March 21, 2019 Withdrawal Note: SP 800-56B Rev. 1 is superseded in its entirety by the publication of SP 800-56B Rev. 2. Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-56B Rev. 2 Title: Recommendation for Pair-Wise Key-Establishment Schemes Using Integer Factorization Cryptography Author(s): Elaine Barker; Lily Chen; Allen Roginsky; Apostol Vassilev; Richard Davis; Scott Simon Publication Date(s): March 2019 URL/DOI: https://doi.org/10.6028/NIST.SP.800-56Br2 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Laboratory) Latest revision of the attached publication: Related information: https://csrc.nist.gov https://csrc.nist.gov/publications/detail/sp/800-56b/rev-1/archive/2014-10-01 Withdrawal N/A announcement (link): Date updated: March 25, 2019 This publication is available free of charge from http://dx.doi.org/10.6028/NIST.SP.800-56Br1 NIST Special Publication 800-56B Revision 1 Recommendation for Pair-Wise Key- Establishment Schemes Using Integer