PayPal, credit cards. Download editable-PDF and invoice in 1 second!
GB/T 15843.4-2008 English PDF (GBT15843.4-2008)
GB/T 15843.4-2008 English PDF (GBT15843.4-2008)
Precio habitual
$140.00 USD
Precio habitual
Precio de oferta
$140.00 USD
Precio unitario
/
por
Los gastos de envío se calculan en la pantalla de pago.
No se pudo cargar la disponibilidad de retiro
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GB/T 15843.4-2008
Historical versions: GB/T 15843.4-2008
Preview True-PDF (Reload/Scroll if blank)
GB/T 15843.4-2008: Information technology -- Security techniques -- Entity authentication -- Part 4: Mechanisms using a cryptographic check function
GB/T 15843.4-2008
Information technology - Security techniques - Entity authentication - Part 4.Mechanisms using a cryptographic check function
ICS 35.040
L80
National Standards of People's Republic of China
Information technology security technology entity authentication
Part 4.Using the mechanism of password verification function
(ISO /IEC 9798-4..1999, IDT)
Released on.2008-06-19
Implementation of.2008-11-01
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
Issued by China National Standardization Administration
Table of contents
Preface Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms, definitions and symbols 1
4 Requirements 1
5 Mechanism 1
5.0 Overview 1
5.1 One-way authentication 2
5.1.1 One pass authentication 2
5.1.2 Two pass authentication 2
5.2 Mutual identification 3
5.2.1 Two-pass authentication 3
5.2.2 Three pass authentication 4
Appendix A (informative appendix) Use of text fields 5
Preface
GB/T 15843 "Information Technology Security Technical Entity Identification" is divided into five parts.
---Part 1.Overview
---Part 2.Mechanism of using symmetric encryption algorithm
---Part 3.Mechanism using digital signature technology
---Part 4.Using the mechanism of password verification function
---Part 5.The mechanism of adopting zero-knowledge technology
Other follow-up parts may be added in the future.
This part is Part 4 of GB/T 15843, which is equivalent to ISO /IEC 9798-4..1999 "Information Technology Security Technical Entities
Authentication Part 4.Mechanism of Using Password Verification Function", only for editorial modification.
This part replaces GB/T 15843.4-1999 "Information Technology Security Technical Entity Authentication Part 4.Using Password Verification Letter
Number Mechanism." Compared with GB/T 15843.4-1999, the main changes in this part are as follows.
--- This part deletes the ISO /IEC preface and adds an introduction.
--- This section is revised in accordance with GB/T 15843.1 to change some terms.
--- This part is consistent with ISO /IEC 9798-4..1999, and the 3.1, 3.2, and 3.3 in GB/T 15843.4-1999 are deleted.
--- This section deletes Appendix B, Appendix C, and Appendix D of GB/T 15843.4-1999, and uniformly uses GB/T 15843.1
Appendix B, Appendix C and references.
Appendix A of this section is an informative appendix.
This part is proposed and managed by the National Information Security Standardization Technical Committee.
The main drafting unit of this section. Data and Communication Protection Research and Education Center of the Chinese Academy of Sciences (State Key Laboratory of Information Security).
The main drafters of this section. Jing Jiwu, Lu Chunli, Xia Luning, Gaoneng, Xiang Ji.
The previous releases of the standards replaced by this part are.
---GB/T 15843.4-1999.
introduction
This part is equivalent to adopting the international standard ISO /IEC 9798-4..1999, which was developed by the ISO /IEC Joint Technical Committee JTC1 (Information Technology
Technology) Subcommittee SC27 (IT Security Technology) drafted.
This part defines the entity authentication mechanism using the cryptographic check function, which is divided into one-way authentication and mutual authentication. One-way identification
According to the number of message transmissions, it is divided into one-pass authentication and two-pass authentication; mutual authentication is divided into two according to the number of message transmissions
Pass authentication and three pass authentication.
For examples of password verification functions, see GB 15852.
All relevant content related to cryptographic algorithms in this section shall be implemented in accordance with relevant national regulations.
Information technology security technology entity authentication
Part 4.Using the mechanism of password verification function
1 scope
This section specifies the entity authentication mechanism using cryptographic verification functions. Two of them are the authentication of a single entity (one-way authentication).
The rest is the mutual authentication of the two entities.
The mechanisms specified in this section use time-varying parameters such as timestamps, serial numbers, or random numbers to prevent previously valid authentication information from being
Accepted or accepted multiple times.
If time stamps or serial numbers are used, only one transmission is required for one-way authentication, and two transmissions are required for mutual authentication. If you use
For the machine-number excitation-response method, one-way authentication requires two passes, and mutual authentication requires three passes.
See GB 15852 for examples of password verification functions.
2 Normative references
The clauses in the following documents become clauses of this part through reference in this part. For all dated reference documents, their subsequent
Some amendments (not including errata content) or revisions do not apply to this section. However, all parties who have reached an agreement based on this section are encouraged to study
Check whether the latest versions of these files can be used. For undated references, the latest version applies to this section.
3 Terms, definitions and symbols
The terms, definitions and symbols established in GB/T 15843.1-2008 apply to this section.
4 requirements
In the authentication mechanism specified in this section, the entity to be authenticated proves its identity by showing that it possesses a secret authentication key. This can
The entity uses its secret authentication key and password verification function to calculate a password verification value for the specified data. The password check value can be
Any other entity that has the entity’s secret authentication key to verify, other entities can recalculate the password verification value and compare it with the received value
Line comparison.
These authentication mechanisms have the following requirements. If any one of them is not met, the authentication process will be attacked or it will not succeed.
carry out.
a) The claimant who confirms its identity to the verifier shares a secret authentication key with the verifier. Before the formal launch of the authentication mechanism
Previously, this key should be known to all parties involved. The method of distributing keys to various entities is outside the scope of this section.
b) The secret authentication key shared by the claimant and the verifier should only be known to these two entities and other entities trusted by both parties.
c) The security strength of the mechanism depends on the length and security of the key, the characteristics of the password verification function, and the length of the password verification value.
These parameters should be carefully selected to meet the established security level. The selection of parameters and the security level may be specified in the security policy.
Exactly stipulated.
5 Mechanism
5.0 Overview
In these authentication mechanisms, entities A and B should share a secret key KB or two one-way secret keys before starting the authentication mechanism
KB and KBA. In the latter case, the one-way secret keys KB and KBA are used to authenticate A by B and A to B respectively.
Identify.
These mechanisms require the use of time-varying parameters such as timestamps, sequence numbers, or random numbers. The characteristics of these parameters, especially they are difficult to identify
The characteristics of repeated use during the li...
Get QUOTATION in 1-minute: Click GB/T 15843.4-2008
Historical versions: GB/T 15843.4-2008
Preview True-PDF (Reload/Scroll if blank)
GB/T 15843.4-2008: Information technology -- Security techniques -- Entity authentication -- Part 4: Mechanisms using a cryptographic check function
GB/T 15843.4-2008
Information technology - Security techniques - Entity authentication - Part 4.Mechanisms using a cryptographic check function
ICS 35.040
L80
National Standards of People's Republic of China
Information technology security technology entity authentication
Part 4.Using the mechanism of password verification function
(ISO /IEC 9798-4..1999, IDT)
Released on.2008-06-19
Implementation of.2008-11-01
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
Issued by China National Standardization Administration
Table of contents
Preface Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms, definitions and symbols 1
4 Requirements 1
5 Mechanism 1
5.0 Overview 1
5.1 One-way authentication 2
5.1.1 One pass authentication 2
5.1.2 Two pass authentication 2
5.2 Mutual identification 3
5.2.1 Two-pass authentication 3
5.2.2 Three pass authentication 4
Appendix A (informative appendix) Use of text fields 5
Preface
GB/T 15843 "Information Technology Security Technical Entity Identification" is divided into five parts.
---Part 1.Overview
---Part 2.Mechanism of using symmetric encryption algorithm
---Part 3.Mechanism using digital signature technology
---Part 4.Using the mechanism of password verification function
---Part 5.The mechanism of adopting zero-knowledge technology
Other follow-up parts may be added in the future.
This part is Part 4 of GB/T 15843, which is equivalent to ISO /IEC 9798-4..1999 "Information Technology Security Technical Entities
Authentication Part 4.Mechanism of Using Password Verification Function", only for editorial modification.
This part replaces GB/T 15843.4-1999 "Information Technology Security Technical Entity Authentication Part 4.Using Password Verification Letter
Number Mechanism." Compared with GB/T 15843.4-1999, the main changes in this part are as follows.
--- This part deletes the ISO /IEC preface and adds an introduction.
--- This section is revised in accordance with GB/T 15843.1 to change some terms.
--- This part is consistent with ISO /IEC 9798-4..1999, and the 3.1, 3.2, and 3.3 in GB/T 15843.4-1999 are deleted.
--- This section deletes Appendix B, Appendix C, and Appendix D of GB/T 15843.4-1999, and uniformly uses GB/T 15843.1
Appendix B, Appendix C and references.
Appendix A of this section is an informative appendix.
This part is proposed and managed by the National Information Security Standardization Technical Committee.
The main drafting unit of this section. Data and Communication Protection Research and Education Center of the Chinese Academy of Sciences (State Key Laboratory of Information Security).
The main drafters of this section. Jing Jiwu, Lu Chunli, Xia Luning, Gaoneng, Xiang Ji.
The previous releases of the standards replaced by this part are.
---GB/T 15843.4-1999.
introduction
This part is equivalent to adopting the international standard ISO /IEC 9798-4..1999, which was developed by the ISO /IEC Joint Technical Committee JTC1 (Information Technology
Technology) Subcommittee SC27 (IT Security Technology) drafted.
This part defines the entity authentication mechanism using the cryptographic check function, which is divided into one-way authentication and mutual authentication. One-way identification
According to the number of message transmissions, it is divided into one-pass authentication and two-pass authentication; mutual authentication is divided into two according to the number of message transmissions
Pass authentication and three pass authentication.
For examples of password verification functions, see GB 15852.
All relevant content related to cryptographic algorithms in this section shall be implemented in accordance with relevant national regulations.
Information technology security technology entity authentication
Part 4.Using the mechanism of password verification function
1 scope
This section specifies the entity authentication mechanism using cryptographic verification functions. Two of them are the authentication of a single entity (one-way authentication).
The rest is the mutual authentication of the two entities.
The mechanisms specified in this section use time-varying parameters such as timestamps, serial numbers, or random numbers to prevent previously valid authentication information from being
Accepted or accepted multiple times.
If time stamps or serial numbers are used, only one transmission is required for one-way authentication, and two transmissions are required for mutual authentication. If you use
For the machine-number excitation-response method, one-way authentication requires two passes, and mutual authentication requires three passes.
See GB 15852 for examples of password verification functions.
2 Normative references
The clauses in the following documents become clauses of this part through reference in this part. For all dated reference documents, their subsequent
Some amendments (not including errata content) or revisions do not apply to this section. However, all parties who have reached an agreement based on this section are encouraged to study
Check whether the latest versions of these files can be used. For undated references, the latest version applies to this section.
3 Terms, definitions and symbols
The terms, definitions and symbols established in GB/T 15843.1-2008 apply to this section.
4 requirements
In the authentication mechanism specified in this section, the entity to be authenticated proves its identity by showing that it possesses a secret authentication key. This can
The entity uses its secret authentication key and password verification function to calculate a password verification value for the specified data. The password check value can be
Any other entity that has the entity’s secret authentication key to verify, other entities can recalculate the password verification value and compare it with the received value
Line comparison.
These authentication mechanisms have the following requirements. If any one of them is not met, the authentication process will be attacked or it will not succeed.
carry out.
a) The claimant who confirms its identity to the verifier shares a secret authentication key with the verifier. Before the formal launch of the authentication mechanism
Previously, this key should be known to all parties involved. The method of distributing keys to various entities is outside the scope of this section.
b) The secret authentication key shared by the claimant and the verifier should only be known to these two entities and other entities trusted by both parties.
c) The security strength of the mechanism depends on the length and security of the key, the characteristics of the password verification function, and the length of the password verification value.
These parameters should be carefully selected to meet the established security level. The selection of parameters and the security level may be specified in the security policy.
Exactly stipulated.
5 Mechanism
5.0 Overview
In these authentication mechanisms, entities A and B should share a secret key KB or two one-way secret keys before starting the authentication mechanism
KB and KBA. In the latter case, the one-way secret keys KB and KBA are used to authenticate A by B and A to B respectively.
Identify.
These mechanisms require the use of time-varying parameters such as timestamps, sequence numbers, or random numbers. The characteristics of these parameters, especially they are difficult to identify
The characteristics of repeated use during the li...
Share
