Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
Part 1: General - Computer Security Resource Center - National ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
March, 2007<br />
8. Domain parameters (e.g., the domain parameters used by DSA or ECDSA, or a pointer to<br />
them)<br />
9. Status or state of the key<br />
10. Key encrypting key identifier (e.g., key wrapping key identifier, algorithm for the key<br />
wrapping algorithm, etc.)<br />
11. Integrity protection mechanism (e.g., key and algorithm used to provide cryptographic<br />
protection, and protection code (e.g., MAC, digital signature))<br />
12. Other information (e.g., length of the key, protection requirements, who has access rights,<br />
additional conditions for use)<br />
6.2.3.2 Labels for Related Cryptographic Information<br />
Cryptographic information other than keying material may need a label to “point to” the keying<br />
material that was used to provide the cryptographic protection for the information. The label may<br />
also contain other related cryptographic information. When labels are used, the label should<br />
accompany the information (i.e., is typically stored or transmitted with the information) and<br />
contain some subset of the following information:<br />
1. The type of information (e.g., domain parameters)<br />
2. Source of the information (e.g., the entity that sent the information)<br />
3. Application (e.g., purchasing, email)<br />
4. Other associated cryptographic information (e.g., a key, MAC or hash value)<br />
5. Any other information (e.g., who has access rights).<br />
84