Skip to main content
SpringerLink
Log in

Standardization of cryptographic techniques

  • Conference paper
  • First Online:
Computer Security and Industrial Cryptography

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 741))

Abstract

An overview of standardization activities in the field of cryptography is given, including a description of worldwide, European, and North-American standard organizations. More details are given on the status of the work on open systems and within the committees ISO/TC68 and ISO/IEC JTC1/SC27.

NFWO aspirant navorser, sponsored by the National Fund for Scientific Research (Belgium).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ANSI X3.92-1981, “American National Standard for Information Systems — Data Encryption Algorithm (DEA),” ANSI, New York.

    Google Scholar 

  2. ANSI X3.106-1983, “American National Standard for Information Systems — Modes of Operation,” ANSI, New York.

    Google Scholar 

  3. ANSI X9.9-1986 (Revised), “American National Standard for Financial Institution Message Authentication (Wholesale),” ANSI, New York.

    Google Scholar 

  4. ANSI X9.17-1985, “American National Standard for Financial Institution Key Management (Wholesale),” ANSI, New York.

    Google Scholar 

  5. ANSI X9.19-1986, “American National Standard for Financial Institution Key Management (Retail),” ANSI, New York.

    Google Scholar 

  6. ANSI X9.30, “Digital Signatures for Financial Data Using Public Key Cryptography,” ANSI, New York, April 20, 1991.

    Google Scholar 

  7. B.O. Brachtl, D. Coppersmith, M.M. Hyden, S.M. Matyas, C.H. Meyer, J. Oseas, S. Pilpel, and M. Schilling, “Data Authentication Using Modification Detection Codes Based on a Public One Way Encryption Function,” U.S. Patent Number 4,908,861, March 13, 1990.

    Google Scholar 

  8. C.C.I.T.T. X.400, “Message Handling/Information Processing Systems,” C.C.I.T.T. Recommendation, 1988.

    Google Scholar 

  9. C.C.I.T.T. X.500, “The Directory — Overview of Concepts,” C.C.I.T.T. Recommendation, 1988, (same as ISO/IEC 9594-1, 1989).

    Google Scholar 

  10. C.C.I.T.T. X.509, “The Directory — Authentication Framework,” C.C.I.T.T. Recommendation, 1988, (same as ISO/IEC 9594-8, 1989).

    Google Scholar 

  11. D. Coppersmith, “Analysis of ISO/CCITT Document X.509 Annex D,” IBM T.J. Watson Center, Yorktown Heights, N.Y., 10598, Internal Memo, June 11, 1989, (also ISO/IEC JTC1/SC20/WG2/N160).

    Google Scholar 

  12. D. Davies and W.L. Price, “Security for Computer Networks: an Introduction to Data Security in Teleprocessing and Electronic Funds Transfer (2nd edition),” Wiley & Sons, 1989.

    Google Scholar 

  13. M. De Soete and K. Vedder, “Authentication standards,” Proc. of the 3rd symposium on State and Progress of Research in Cryptography, W. Wolfowicz, Ed., Fondazione Ugo Bordoni, 1993, pp. 207–218.

    Google Scholar 

  14. DoD 5200.28-STD, “Trusted Computer Systems Evaluation Criteria,” Department of Defense, U.S.A., December 1985.

    Google Scholar 

  15. FIPS 46, “Data Encryption Standard,” Federal Information Processing Standard, National Bureau of Standards, U.S. Department of Commerce, Washington D.C., January 1977.

    Google Scholar 

  16. FIPS 74, “Guidelines for Implementing and Using the NBS Data Encryption Standard,” Federal Information Processing Standard, National Bureau of Standards, US Department of Commerce, Washington D.C., April 1981.

    Google Scholar 

  17. FIPS 81, “DES Modes of Operation,” Federal Information Processing Standard, National Bureau of Standards, US Department of Commerce, Washington D.C., December 1980.

    Google Scholar 

  18. FIPS 112, “Password Usage,” Federal Information Processing Standards, National Bureau of Standards, National Bureau of Standards, US Department of Commerce, Washington D.C., May 1985.

    Google Scholar 

  19. FIPS 113, “Computer Data Authentication,” Federal Information Processing Standard, National Bureau of Standards, US Department of Commerce, Washington D.C., May 1985.

    Google Scholar 

  20. FIPS xxx, “Digital Signature Standard,” Federal Information Processing Standard, Draft, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., August 30, 1991.

    Google Scholar 

  21. FIPS yyy, “Secure Hash Standard,” Federal Information Processing Standard, Draft, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., January 31, 1992.

    Google Scholar 

  22. FS 1027, “Telecommunications: General security requirements for equipment using the Data Encryption Standard,” Federal Standard, General Services Administration, April 1982.

    Google Scholar 

  23. FS 1028, “Interoperability and Security Requirements For Use of the Data Encryption Standard With CCITT Group S Facsimile Equipment,” Federal Standard, General Services Administration, April 1985.

    Google Scholar 

  24. L.C. Guillou, M. Davio, and J.-J. Quisquater, “Public-Key Techniques: Randomness and Redundancy,” Cryptologia, Vol. 13, April 1989, pp. 167–189.

    Google Scholar 

  25. L.C. Guillou, J.-J. Quisquater, M. Walker, P. Landrock, and C. Shaer, “Precautions taken against various potential attacks in ISO/IEC/DIS9796,” Advances in Cryptology, Proc. Eurocrypt'90, LNCS 473, I.B. Damgård, Ed., Springer-Verlag, 1991, pp. 465–473.

    Google Scholar 

  26. L.C. Guillou, M. Ugon, and J.-J. Quisquater, “The smart card: a standardized security device dedicated to public cryptology,” in “Contemporary Cryptology: The Science of Information Integrity,” G.J. Simmons, Ed., IEEE Press, 1991, pp. 561–613.

    Google Scholar 

  27. C.I' Anson and C.J. Mitchell, “Security defects in CCITT recommendation X.509 — The Directory — Authentication Framework,” ACM Computer Communication Review, Vol. 20, No. 2, 1990, pp. 30–34.

    Google Scholar 

  28. IEEE 802.10, “Standards for Interoperable Local Area Network (LAN) Security (SILS),” Unapproved Draft IEEE Standard P802.10, September 12, 1989.

    Google Scholar 

  29. ISO/IEC 7498-2, “Information processing — Open systems interconnection — Basic reference model — Part 2: Security architecture,” ISO/IEC, 1987.

    Google Scholar 

  30. ISO 8372, “Information processing — Data cryptographic techniques — Modes of operation for a 64-bit block cipher algorithm,” ISO, 1987.

    Google Scholar 

  31. ISO 8730, “Banking — Requirements for message authentication (wholesale),” ISO, 1990.

    Google Scholar 

  32. ISO 8731-1, “Banking — approved algorithms for message authentication — Part 1: DEA,” ISO, 1987.

    Google Scholar 

  33. ISO 8731-2, “Banking — approved algorithms for message authentication — Part 2: Message Authentication Algorithm (MAA),” ISO, 1987.

    Google Scholar 

  34. ISO 8732, “Banking — Key management (wholesale),” ISO, 1989.

    Google Scholar 

  35. ISO/IEC 9160, “Information Technology — Data cryptographic techniques — Physical layer interoperability requirements,” ISO/IEC, 1988.

    Google Scholar 

  36. ISO/IEC 9594-8, “Information technology — Open systems interconnection — The directory— Part 8: Authentication framework,” ISO/IEC, 1990.

    Google Scholar 

  37. ISO/IEC 9796, “Information technology — Security techniques — Digital signature scheme giving message recovery,” ISO/IEC, 1991.

    Google Scholar 

  38. ISO/IEC 9797, “Information technology — Data cryptographic techniques — Data integrity mechanisms using a cryptographic check function employing a block cipher algorithm,” ISO/IEC, 1989.

    Google Scholar 

  39. ISO/IEC 9798-2, “Information technology — Security techniques — Entity authentication — Part 1: General model,” ISO/IEC, 1991.

    Google Scholar 

  40. ISO/IEC DIS 9798-2, “Information technology — Security techniques — Entity authentication — Part 2: Entity authentication using symmetric techniques,” ISO/IEC, 1993.

    Google Scholar 

  41. ISO/IEC 9798-3, “Information technology — Security techniques — Entity authentication — Part 3: Entity authentication using a public key algorithm,” ISO/IEC, 1993.

    Google Scholar 

  42. ISO DIS 9807, “Banking and related financial services — Requirements for message authentication (retail),” ISO, 1992.

    Google Scholar 

  43. ISO/IEC 9979, “Information technology — Security techniques — Procedures for the registration of cryptographic algorithms,” ISO/IEC, 1991.

    Google Scholar 

  44. ISO/IEC 10116, “Information technology — Security techniques — Modes of operation of an n-bit block cipher algorithm,” ISO/IEC, 1991.

    Google Scholar 

  45. ISO/IEC DIS 10118-1, “Information technology — Security techniques — Hashfunctions — Part 1: General,” ISO/IEC, 1992.

    Google Scholar 

  46. ISO/IEC DIS 10118-2, “Information technology — Security techniques — Hashfunctions — Part 2: Hash-functions using an n-bit block cipher algorithm,” ISO/IEC, 1992.

    Google Scholar 

  47. ISO/IEC WD 11770, “Information technology — Security techniques — Key management — Part 1: Framework,” ISO/IEC SC27/N644, 1992.

    Google Scholar 

  48. ISO/IEC CD 11770, “Information technology — Security techniques — Key management — Part 2: Key management mechanisms using symmetric techniques,” ISO/IEC, 1992.

    Google Scholar 

  49. ISO/IEC WD 11770, “Information technology — Security techniques — Key management — Part 3: Key management mechanisms using asymmetric techniques,” ISO/IEC SC27/WG2/N190, 1993.

    Google Scholar 

  50. ITAEGV, “Taxonomy of security standardisation,” Version 2.0, ITAEGV/N69, April 1992.

    Google Scholar 

  51. ITSEC, “Information Technology Security Evaluation Criteria (ITSEC),” Provisional Harmonised Criteria, Version 1.2, June 1991.

    Google Scholar 

  52. ITSEM, “Information Technology Security Evaluation Manual (ITSEM),” Version 0.2, April 1992.

    Google Scholar 

  53. J. Lindballe, “Standardization and Data Security,” Proceedings Secubank '88, Datakontext-Verlag, pp. 286–299.

    Google Scholar 

  54. S.M. Matyas, C.H. Meyer, and J. Oseas, “Generating strong one-way functions with cryptographic algorithm,” IBM Techn. Disclosure Bull., Vol. 27, No. 10A, 1985, pp. 5658–5659.

    Google Scholar 

  55. C.H. Meyer and M. Schilling, “Secure program load with Manipulation Detection Code,” Proc. Securicom 1988, pp. 111–130.

    Google Scholar 

  56. C. Mitchell, M. Walker, and D. Rush, “CCITT/ISO standards for secure message handling,” IEEE Journal on Selected Areas in Communications, Vol. 7, May 1989, pp. 517–524.

    Google Scholar 

  57. NCSC TNI, “Trusted Network Interpretation,” National Computer Security Center, July 1987.

    Google Scholar 

  58. SDN.301, “Secure Data Network Systems Security Protocol 3 (SP3),” National Security Agency and National Institute of Standards and Technology, Revision 1.5, May 1989.

    Google Scholar 

  59. SDN.401, “Secure Data Network Systems Security Protocol 4 (SP4),” National Security Agency and National Institute of Standards and Technology, Revision 1.3, May 1989.

    Google Scholar 

  60. D. Pinkas, T. Parker, and P. Kaijser, “SESAME (Secure European System for Applications in a Multivendor Environment): an Introduction”, Technical Report, February 1993.

    Google Scholar 

  61. W.L. Price, “Progress in data security standardization,” Advances in Cryptology, Proc. Crypto'89, LNCS 435, G. Brassard, Ed., Springer-Verlag, 1990, pp. 620–623.

    Google Scholar 

  62. B. Preneel, R. Govaerts, and J. Vandewalle, “Information authentication: hash functions and digital signatures,” this volume.

    Google Scholar 

  63. D.W. Roberts, “Evaluation criteria for IT security,” this volume.

    Google Scholar 

  64. R.A. Rueppel, “Criticism of ISO CD 11166, Banking — Key management by means of asymmetric algorithms,” Proc. of the 3rd symposium on State and Progress of Research in Cryptography, W. Wolfowicz, Ed., Fondazione Ugo Bordoni, 1993, pp. 191–198.

    Google Scholar 

  65. M.E. Smid and D.K. Branstad, “The Data Encryption Standard: Past and Future,” in “Contemporary Cryptology: The Science of Information Integrity,” G.J. Simmons, Ed., IEEE Press, 1991, pp. 45–64.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ESAT-COSIC Laboratory, K.U.Leuven, K. Mercierlaan 94, B-3001, Leuven, Belgium

    Bart Preneel

Authors
  1. Bart Preneel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Bart Preneel René Govaerts Joos Vandewalle

Rights and permissions

Reprints and permissions

Copyright information

© 1993 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Preneel, B. (1993). Standardization of cryptographic techniques. In: Preneel, B., Govaerts, R., Vandewalle, J. (eds) Computer Security and Industrial Cryptography. Lecture Notes in Computer Science, vol 741. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-57341-0_60

Download citation

  • DOI: https://doi.org/10.1007/3-540-57341-0_60

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-57341-8

  • Online ISBN: 978-3-540-48074-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation