GB/T 15843.1-2017 English PDF (GBT15843.1-2017)
GB/T 15843.1-2017: Information technology -- Security techniques -- Entity authentication -- Part 1: General
ICS 35.040
L80
National Standard of the People's Republic of China
Replaces GB/T 15843.1-2008
Released 2017-12-29
Implemented 2018-07-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the China National Standardization Administration
Table of contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
5 Authentication model
6 General requirements and restrictions
Appendix A (informative appendix) Use of text fields
Appendix B (informative appendix) Time-varying parameters
Appendix C (informative appendix) Certificate
References
Foreword
GB/T 15843 "Information technology - Security techniques - Entity authentication" is divided into six parts:
---Part 1: General;
---Part 2: Mechanisms using symmetric encryption algorithms;
---Part 3: Mechanisms using digital signature techniques;
---Part 4: Mechanisms using a cryptographic check function;
---Part 5: Mechanisms using zero-knowledge techniques;
---Part 6: Mechanisms using manual data transfer.
This part is Part 1 of GB/T 15843.
This part was drafted in accordance with the rules given in GB/T 1.1-2009.
This part replaces GB/T 15843.1-2008 "Information technology - Security techniques - Entity authentication - Part 1: Overview". Compared with GB/T 15843.1-2008, the main changes are as follows:
---The standard name is changed to "Information technology - Security techniques - Entity authentication - Part 1: General Provisions";
---Part 6 of GB/T 15843 is added to the foreword;
---The definitions of the terms "asymmetric encryption method", "asymmetric signature method", "challenge", "decryption", "encryption", "subject", "private decryption key", "symmetric encryption algorithm" and "token" are modified;
---B.1 is added to Appendix B, and the numbering of the original clauses is shifted accordingly.
This part uses the translation method for equivalent adoption of ISO/IEC 9798-1:2010 "Information technology - Security techniques - Entity authentication - Part 1: General".
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This part is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
The main drafting units of this part: Data and Communication Protection Research and Education Center of Chinese Academy of Sciences, PWC Information Technology Co., Ltd.
The main drafters of this part: Wang Lei, Cha Daren, Xiang Ji, Shen Jiahui, Li Danyi, Jing Jiwu, Guo Xiaobo, Xie Chao.
The previous releases of the standards replaced by this part are:
---GB/T 15843.1-1995, GB/T 15843.1-1999, GB/T 15843.1-2008.
Introduction
In real-time communication systems, entity authentication is an important basic security service. Depending on the specific application and security goals, an entity authentication mechanism can achieve one-way authentication through a one-pass protocol, or complete one-way or two-way authentication between communicating entities through a multi-pass protocol.
The purpose of an entity authentication mechanism is to verify whether the claimant of a certain identity is the entity it claims to be. In cryptography, achieving this goal relies on an infrastructure that can associate entity identities with public keys (e.g., a public key infrastructure, PKI), but the establishment of this type of infrastructure does not belong to the scope of GB/T 15843.
Entity authentication mechanisms follow two main models. In one model, the identity of the claimant is confirmed through direct communication between the claimant and the verifier; in the other, the identity of the claimant is verified through a trusted third party.
GB/T 15843 specifies the different types of entity authentication protocols. The choice of entity authentication protocol is based on the security properties required of the system, which include the following:
---Whether it resists replay attacks;
---Whether it resists reflection attacks;
---Whether it resists forced delay;
---One-way or two-way authentication;
---Whether there is preset secret information that can be used, or whether a trusted third party is needed to help establish shared secret information.
For example, in a particular system where replay attacks are not a concern, a simple one-pass protocol between the claimant and the verifier is enough to achieve entity authentication; however, a complex communication system that may face man-in-the-middle or replay attacks requires a multi-pass protocol to ensure security.
1 Scope
This part of GB/T 15843 specifies in detail the authentication model and the general requirements and constraints of entity authentication mechanisms, which are the basis for verifying the authenticity of an entity's identity. The entity to be authenticated proves its identity by demonstrating that it holds some private information. The entity authentication mechanism determines how information is exchanged between entities, and between entities and trusted third parties.
The details of the entity authentication mechanisms and the content of the authentication exchanges are not covered by this part; they are specified in the other parts of GB/T 15843.
2 Normative references
This part does not use any normative references.
3 Terms and definitions
The following terms and definitions apply to this document.
3.1
Asymmetric cryptography
A cryptographic technique that uses two related transformations: a public transformation defined by a public key, and a private transformation defined by a private key.
Note: Given the public transformation, it is computationally infeasible to derive the private transformation.
3.2
Asymmetric encryption method
An encryption method based on asymmetric cryptography, in which the public transformation is used for encryption and the private transformation is used for decryption.
3.3
Asymmetric key pair
A pair of related keys, where the private key defines the private transformation, and the public key defines the public transformation.
3.4
Asymmetric signature method
A signature method based on asymmetric cryptography, in which the private transformation is used for signing and the public transformation is used for verification.
3.5
Challenge
A data item randomly generated by the verifier and sent to the claimant. The claimant uses this data item together with the secret information it possesses to generate a response, which is sent to the verifier.
3.6
Claimant
The entity being authenticated, or an entity representing it for the purpose of verification.
Note: The claimant has the necessary parameters and private data for the authentication exchange.
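The challenge (3.5) and claimant (3.6) roles defined above, together with the replay and reflection properties listed in the introduction, are illustrated by the following added Python example. It is not part of GB/T 15843 and is not one of the mechanisms specified in its other parts; the HMAC-SHA256 response, the message layout, the entity names A and B and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def respond(key: bytes, claimant: bytes, verifier: bytes, challenge: bytes) -> bytes:
    """Claimant's response: a MAC over both identities and the challenge.
    The layout (length-prefixed fields) is an assumption of this example."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in (claimant, verifier, challenge))
    return hmac.new(key, msg, hashlib.sha256).digest()

class Verifier:
    """Issues random challenges and accepts each one at most once."""
    def __init__(self, name: bytes, key: bytes):
        self.name, self.key = name, key
        self.pending = set()              # challenges issued, not yet answered

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)       # unpredictable, never reused
        self.pending.add(r)
        return r

    def verify(self, claimant: bytes, r: bytes, response: bytes) -> bool:
        if r not in self.pending:         # unknown or already consumed: replay
            return False
        self.pending.discard(r)
        expected = respond(self.key, claimant, self.name, r)
        return hmac.compare_digest(expected, response)

def demo():
    key = secrets.token_bytes(32)         # constructed shared secret of A and B
    b = Verifier(b"B", key)
    r1 = b.challenge()
    resp = respond(key, b"A", b"B", r1)
    genuine = b.verify(b"A", r1, resp)
    replayed = b.verify(b"A", r1, resp)            # same exchange sent again
    stale = b.verify(b"A", b.challenge(), resp)    # old response, new challenge
    # Reflection: a response B itself produced as claimant towards A is
    # presented back to B as if it came from A.
    r2 = b.challenge()
    reflected = b.verify(b"A", r2, respond(key, b"B", b"A", r2))
    return genuine, replayed, stale, reflected

if __name__ == "__main__":
    print(demo())
```

Only the first exchange is accepted: the replayed and stale responses fail because each challenge is fresh and single-use, and the reflected response fails because the claimant and verifier identities are bound into the MAC in a fixed order.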
5 Authentication model
The general model of the entity authentication mechanism is shown in Figure 1. Not all entities and exchanges need to appear in every authentication mechanism.
In the authentication mechanism involved in other par...