Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ... Part 1: General - Computer Security Resource Center - National ...
APPENDIX C: References [AC] Applied Cryptography, Schneier, John Wiley & Sons, 1996. [ANSX9.31] Digital Signatures using reversible Public Key Cryptography for the Financial Services Industry (rDSA), 1998. March, 2007 [ANSX9.42] Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using discrete Logarithm Cryptography, 2001. [ANSX9.44] Public Key Cryptography for the Financial Services Industry: Key Agreement Using Factoring-Based Cryptography, (Insert date when published). [ANSX9.52] Triple Data Encryption Algorithm Modes of Operation, July, 1998. [ANSX9.62] Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA), 1998. [ANSX9.63] Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography, [Insert Date]. [ANSX9.82] Random Number Generation (Insert data when published). [DiCrescenzo] How to forget a secret, G. Di Crescenzo, N. Ferguson, R. Impagliazzo, and M Jakobsson, STACS ’99, Available via http://www.rsasecrutiy.com/rsalabs/~markus. [DOD-KRP] Key Recovery Policy for the United States Department of Defense, Version 3.0, 31 August 2003, DoD KRP, Attn: I5P, 9800 Savage Road, STE 6737, Ft Meade, MD, 20755-6737. [FIPS46-3] Federal Information Processing Standard 46-3, Data Encryption Standard (DES), October 25, 1999. [FIPS140-2] Federal Information Processing Standard 140-2, Security Requirements for Cryptographic Modules, May 25, 2001. [FIPS180-2] Federal Information Processing Standard 180-2, Secure Hash Standard (SHS), August 2002. [FIPS186-3] Federal Information Processing Standard 186-3, Digital Signature Standard (DSS), (Revision of FIPS 186-2, June 2000), to be published. [FIPS197] Federal Information Processing Standard 197, Advanced Encryption Standard (AES), November 2001. [FIPS198] Federal Information Processing Standard 198, Keyed-Hash Message Authentication Code (HMAC), [Insert Date]. [FIPS199] Federal Information Processing Standard 199, Standards for Security Categorization of Federal Information and Information Systems, v 1.0, May 2003. 139
[HAC] Handbook of Applied Cryptography, Menezes, van Oorschot and Vanstone, CRC Press, 1996. March, 2007 [ITLBulletin] Techniques for System and Data Recovery, NIST ITL Computer Security Bulletin, April 2002. [OMB11/01] OMB Guidance to Federal Agencies on Data Availability and Encryption, Office of Management and Budget, 26 November 2001. [PKCS#1] PKCS #1 v2.1, RSA Cryptography Standard, RSA Laboratories, June 14, 2002. [RFC2560] Request for Comment 2560, X.509 Internet Public Key Infrastructure, Online Certificate Status Protocol – OCSP, IETF Standards Track, June 1999. [SP800-5] Special Publication 800-5, A Guide to the Selection of Anti-Virus Tools and Techniques, December 1992. [SP800-14] Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996. [SP800-21] Special Publication 800-21, Guideline for Implementing Cryptography in the Federal Government, November 1999. [SP800-32] Special Publication 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure, February 2001. [SP800-37] Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, May 2004. [SP800-38] Special Publication 800-38, Recommendation for Block Cipher Modes of Operation: 38A, Methods and Techniques, December 2001; 38B, The RMAC Authentication Mode, November 5 2002 draft; 38C, The CCM Mode for Authentication and Confidentiality, May 2004. [SP800-38A] Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation-Methods and Techniques, December 2001. [SP800-38B] Special Publication 800-38B, Recommendation for Block Cipher Modes of Operation: The RMAC Authentication Mode, (Insert date). [SP800-56] Special Publication 800-56, Recommendation on Key Establishment Schemes, (Insert date). [SP800-67] Special Publication 800-67, Recommendation for Triple Data Encryption Algorithm Block Cipher, May 2004. 140
- Page 89 and 90: March, 2007 a. A private signature
- Page 91 and 92: 2 Pre-Operational Phase 3 7 1 4 Ope
- Page 93 and 94: March, 2007 8.1 Pre-operational Pha
- Page 95 and 96: 8.1.5.1.1 Distribution of Static Pu
- Page 97 and 98: March, 2007 and then provide eviden
- Page 99 and 100: March, 2007 listed in Section 8.1.5
- Page 101 and 102: March, 2007 encrypting key or publi
- Page 103 and 104: March, 2007 8.1.5.3.5 Intermediate
- Page 105 and 106: March, 2007 of keying material and
- Page 107 and 108: March, 2007 2. The application in w
- Page 109 and 110: March, 2007 and the key derivation
- Page 111 and 112: March, 2007 Type of Key Archive? Re
- Page 113 and 114: March, 2007 All records of the enti
- Page 115 and 116: March, 2007 other cryptographic inf
- Page 117 and 118: March, 2007 access to information e
- Page 119 and 120: March, 2007 1. Private key used to
- Page 121 and 122: March, 2007 10.2 Content of the Key
- Page 123 and 124: March, 2007 Management Specificatio
- Page 125 and 126: March, 2007 is the same value as th
- Page 127 and 128: March, 2007 If the decision is made
- Page 129 and 130: March, 2007 only, and then shall be
- Page 131 and 132: March, 2007 may be stored in backup
- Page 133 and 134: March, 2007 and the method of key r
- Page 135 and 136: March, 2007 ephemeral key pairs, an
- Page 137 and 138: B.3.14.7 Key Control Information Ma
- Page 139: March, 2007 to be saved. Keys for t
- Page 143: March, 2007 the owner by the CA tha
[HAC] Handbook of Applied Cryptography, Menezes, van Oorschot and<br />
Vanstone, CRC Press, 1996.<br />
March, 2007<br />
[ITLBulletin] Techniques for System and Data Recovery, NIST ITL <strong>Computer</strong> <strong>Security</strong><br />
Bulletin, April 2002.<br />
[OMB11/01] OMB Guidance to Federal Agencies on Data Availability and Encryption,<br />
Office of Management and Budget, 26 November 2001.<br />
[PKCS#1] PKCS #1 v2.1, RSA Cryptography Standard, RSA Laboratories, June 14,<br />
2002.<br />
[RFC2560] Request for Comment 2560, X.509 Internet Public Key Infrastructure,<br />
Online Certificate Status Protocol – OCSP, IETF Standards Track, June<br />
1999.<br />
[SP800-5] Special Publication 800-5, A Guide to the Selection of Anti-Virus Tools<br />
and Techniques, December 1992.<br />
[SP800-14] Special Publication 800-14, <strong>General</strong>ly Accepted Principles and Practices<br />
for Securing Information Technology Systems, September 1996.<br />
[SP800-21] Special Publication 800-21, Guideline for Implementing Cryptography in<br />
the Federal Government, November 1999.<br />
[SP800-32] Special Publication 800-32, Introduction to Public Key Technology and<br />
the Federal PKI Infrastructure, February 2001.<br />
[SP800-37] Special Publication 800-37, Guide for the <strong>Security</strong> Certification and<br />
Accreditation of Federal Information Systems, May 2004.<br />
[SP800-38] Special Publication 800-38, Recommendation for Block Cipher Modes of<br />
Operation: 38A, Methods and Techniques, December 2001; 38B, The<br />
RMAC Authentication Mode, November 5 2002 draft; 38C, The CCM<br />
Mode for Authentication and Confidentiality, May 2004.<br />
[SP800-38A] Special Publication 800-38A, Recommendation for Block Cipher Modes<br />
of Operation-Methods and Techniques, December 2001.<br />
[SP800-38B] Special Publication 800-38B, Recommendation for Block Cipher Modes<br />
of Operation: The RMAC Authentication Mode, (Insert date).<br />
[SP800-56] Special Publication 800-56, Recommendation on Key Establishment<br />
Schemes, (Insert date).<br />
[SP800-67] Special Publication 800-67, Recommendation for Triple Data Encryption<br />
Algorithm Block Cipher, May 2004.<br />
140
Change language