Publication CODE |
Title |
ISO/IEC 11770-3:2008 (2008-07) |
INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- KEY MANAGEMENT -- PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES |
|
Price Excl. VAT |
Total number of pages, tables and drawings |
229.00 €
|
83 P.. |
Description
ISO/IEC 11770-3:2008 defines key management mechanisms based on asymmetric cryptographic techniques. It specifically addresses the use of asymmetric techniques to achieve the following goals.
- Establish a shared secret key for a symmetric cryptographic technique between two entities A and B by key agreement. In a secret key agreement mechanism, the secret key is the result of a data exchange between the two entities A and B. Neither of them can predetermine the value of the shared secret key.
- Establish a shared secret key for a symmetric cryptographic technique between two entities A and B by key transport. In a secret key transport mechanism, the secret key is chosen by one entity A and is transferred to another entity B, suitably protected by asymmetric techniques.
- Make an entity's public key available to other entities by key transport. In a public key transport mechanism, the public key of entity A must be transferred to other entities in an authenticated way, but not requiring secrecy.
Some of the mechanisms of ISO/IEC 11770-3:2008 are based on the corresponding authentication mechanisms in ISO/IEC 9798-3.
ISO/IEC 11770-3:2008 does not cover aspects of key management such as
- key lifecycle management,
- mechanisms to generate or validate asymmetric key pairs,
- mechanisms to store, archive, delete, destroy, etc. keys.
While ISO/IEC 11770-3:2008 does not explicitly cover the distribution of an entity's private key (of an asymmetric key pair) from a trusted third party to a requesting entity, the key transport mechanisms described can be used to achieve this. A private key can in all cases be distributed with these mechanisms where an existing, non-compromised key already exists. However, in practice the distribution of private keys is usually a manual process that relies on technological means like smart cards, etc.
ISO/IEC 11770-3:2008 does not cover the implementations of the transformations used in the key management mechanisms.
|
Class |
C990
(IEC PUBLICATIONS IEC PUBLICATIONS)
|
Committee |
ISO/IEC JTC 1/SC 27
IT SECURITY TECHNIQUES
|
BEC Approval |
2008-07-02 |
ICS-Code (International Standards Classification) |
35.030
|
NBN Status |
New |
|
IEC publication date |
2008-07-02 |
IEC last modification date |
2008-11-10 |
|