ANSI X9.42 : 2003(R2013)
Current
The latest, up-to-date edition.
PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES: AGREEMENT OF SYMMETRIC KEYS USING DISCRETE LOGARITHM CRYPTOGRAPHY
01-01-2013
1 SCOPE
2 NORMATIVE REFERENCES
3 DEFINITIONS
4 SYMBOLS AND ABBREVIATIONS
4.1 SYMBOLS
4.2 ABBREVIATIONS
5 ORGANIZATION
6 APPLICATION
7 BASIC ALGORITHMS, FUNCTIONS, AND CONVERSION RULES
7.1 DOMAIN PARAMETER GENERATION
7.2 DOMAIN PARAMETER VALIDATION
7.3 PRIVATE/PUBLIC KEY GENERATION
7.4 PUBLIC KEY VALIDATION
7.5 CALCULATION OF SHARED SECRET ELEMENTS
7.6 DATA CONVERSION RULES
7.7 KEY DERIVATION FROM A SHARED SECRET VALUE
7.8 MAC COMPUTATION
7.9 ANSI X9.42 IMPLEMENTATION VALIDATION
8 KEY AGREEMENT SCHEMES
8.1 KEY AGREEMENT USING THE DIFFIE-HELLMAN ALGORITHM
8.2 KEY AGREEMENT USING THE MQV ALGORITHM
ANNEX A (NORMATIVE) PARAMETER SYNTAX AND ENCODING RULES
A.1 FINITE FIELD SYNTAX
A.2 PARAMETER SYNTAX
A.3 PUBLIC KEY SYNTAX
A.4 SCHEME SYNTAX
A.5 KEY DERIVATION SYNTAX
A.6 MAC FOR ANSI X9.42 IMPLEMENTATION VALIDATION
A.7 ASN.1 MODULE
ANNEX B (NORMATIVE) DOMAIN PARAMETER GENERATION
B.1 GENERATION OF PRIME MODULI
B.2 SELECTION OF A GENERATOR FOR Q-ORDER SUBGROUP
B.3 JACOBI SYMBOL
ANNEX C (NORMATIVE) PSEUDO-RANDOM NUMBER GENERATOR
C.1 PSEUDO-RANDOM NUMBER GENERATOR BASED ON G(T, C)
C.2 PSEUDO-RANDOM NUMBER GENERATOR USING THE TDEA
ANNEX D (INFORMATIVE) CALCULATION EXAMPLES
D.1 GENERATION OF DOMAIN PARAMETERS
D.2 GENERATION OF PRIVATE/PUBLIC KEYS
D.3 SHARED SECRET VALUE CALCULATION - USING DIFFIE-HELLMAN
ALGORITHM
D.4 SHARED SECRET VALUE CALCULATIONS - USING MQV ALGORITHM
D.5 KEY DERIVATION FUNCTION
D.6 MAC COMPUTATION
ANNEX E (INFORMATIVE) SECURITY CONSIDERATIONS
E.1 SECURITY OF THE DISCRETE LOGARITHM PROBLEM IN GF(P)
E.2 SECURITY OF KEY AGREEMENT SCHEMES
E.3 GUIDELINES ON SELECTING AN ANSI X9.42 KEY AGREEMENT SCHEME
E.4 GENERAL SECURITY CONSIDERATIONS
ANNEX F (INFORMATIVE) SUMMARY OF CHANGES FROM ANS X9.42-2001
F.1 TECHNICAL ISSUES
F.2 EDITORIAL ISSUES
ANNEX G (INFORMATIVE) REFERENCES
TABLES
Describes schemes for the agreement of symmetric keys using Diffie-Hellman and MQV algorithms. It covers methods of domain parameter generation, domain parameter validation, key pair generation, public key validation, shared secret value calculation, key derivation, and test message authentication code computation for discrete logarithm problem based key agreement schemes.
| Committee |
X9
|
| DocumentType |
Standard
|
| PublisherName |
American Bankers Association
|
| Status |
Current
|
| 13/30257954 DC : 0 | BS ISO/IEC 11770-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES |
| ANSI X9.98 : 2010(R2017) | FINANCIAL SERVICES - LATTICE-BASED POLYNOMIAL PUBLIC KEY ESTABLISHMENT ALGORITHM FOR THE FINANCIAL SERVICES INDUSTRY |
| BS IEC 62055-41:2014 | Electricity metering. Payment systems Standard transfer specification (STS). Application layer protocol for one-way token carrier systems |
| ANSI X9.96 : 2004 | FINANCIAL SERVICES - XML CRYPTOGRAPHIC MESSAGE SYNTAX (XCMS) |
| BS EN 14890-1:2008 | Application interface for smart cards used as secure signature creation devices Basic services |
| BS ISO/IEC 15946-3:2002 | Information technology. Security techniques. Cryptographic techniques based on elliptic curves Key establishment |
| INCITS/ISO/IEC 15946-3 : 2002 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CRYPTOGRAPHIC TECHNIQUES BASED ON ELLIPTIC CURVES - PART 3: KEY ESTABLISHMENT |
| IEEE 1363.3-2013 | IEEE Standard for Identity-Based Cryptographic Techniques using Pairings |
| IEEE 1363.2 : 2008 | SPECIFICATION FOR PASSWORD-BASED PUBLIC-KEY CRYPTOGRAPHIC TECHNIQUES |
| BIS IS 15256-4 : 2013 | BANKING - KEY MANAGEMENT (RETAIL) - PART 4: ASYMMETRIC CRYPTOSYSTEMS - KEY MANAGEMENT AND LIFE CYCLE |
| ANSI X9.44:2007 | FINANCIAL SERVICES - PUBLIC-KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - KEY ESTABLISHMENT USING INTEGER FACTORIZATION CRYPTOGRAPHY |
| ASTM E 2085 : 2000 : REV A | Standard Guide on Security Framework for Healthcare Information (Withdrawn 2009) |
| 16/30335156 DC : 0 | BS EN 14615 - POSTAL SERVICES - DIGITAL POSTAGE MARKS - APPLICATIONS, SECURITY AND DESIGN |
| 13/30284056 DC : 0 | BS EN 62055-41 - ELECTRICITY METERING - PAYMENT SYSTEMS - PART 41: STANDARD TRANSFER SPECIFICATION (STS) - APPLICATION LAYER PROTOCOL FOR ONE-WAY TOKEN CARRIER SYSTEMS |
| 03/103592 DC : DRAFT MAR 2003 | BS EN 14615 - POSTAL SERVICES - AUTOMATED PROCESSING OF MAIL ITEMS - DIGITAL POSTAGE MARKS |
| BS ISO/IEC 18367:2016 | Information technology. Security techniques. Cryptographic algorithms and security mechanisms conformance testing |
| 02/648262 DC : DRAFT JUN 2002 | ISO/IEC FCD 7816-15 - INFORMATION TECHNOLOGY - IDENTIFICATION CARDS - INTEGRATED CIRCUIT(S) CARDS WITH CONTACTS - PART 15: CRYPTOGRAPHIC INFORMATION APPLICATION |
| ANSI X9 TR 39 : 2009 | TG-3 RETAIL FINANCIAL SERVICES COMPLIANCE GUIDELINE - PART 1: PIN SECURITY AND KEY MANAGEMENT |
| I.S. EN 14890-1:2008 | APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| ISO/IEC 18367:2016 | Information technology Security techniques Cryptographic algorithms and security mechanisms conformance testing |
| IEC 62055-41:2014 RLV | Electricity metering – Payment systems – Part 41: Standard transfer specification (STS) – Application layer protocol for one-way token carrier systems |
| CSA ISO/IEC 15946-3 : 2004 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CRYPTOGRAPHIC TECHNIQUES BASED ON ELLIPTIC CURVES - PART 3: KEY ESTABLISHMENT |
| 14/30293056 DC : 0 | BS ISO/IEC 7816-15 - IDENTIFICATION CARDS - INTEGRATED CIRCUIT CARDS - PART 15: CRYPTOGRAPHIC INFORMATION APPLICATION |
| BS ISO 11568-4:2007 | Banking. Key management (retail) Asymmetric cryptosystems. Key management and life cycle |
| DIN EN 14890-1:2009-03 | APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| 07/30161079 DC : 0 | BS EN 14890-1 - APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| 12/30255293 DC : 0 | BS EN 14890-1 - APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| BS ISO/IEC 11770-3 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES |
| UNI EN 419212-1 : 2015 | APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| ANSI X9.65 : 2004 | TRIPLE DATA ENCRYPTION ALGORITHM (TDEA), IMPLEMENTATION STANDARD |
| 15/30279582 DC : 0 | BS ISO/IEC 18367 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CRYPTOGRAPHIC ALGORITHMS AND SECURITY MECHANISMS CONFORMANCE TESTING |
| DIN EN 14890-1 E : 2009 | APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 1: BASIC SERVICES |
| ANSI X9/TG-3 : 2006 | RETAIL FINANCIAL SERVICES COMPLIANCE GUIDELINE - ONLINE PIN SECURITY AND KEY MANAGEMENT |
| EN 14890-1:2008 | Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services |
| CAN/CSA-ISO/IEC 11770-3:16 | Information technology - Security techniques - Key management - Part 3: Mechanisms using asymmetric techniques (Adopted ISO/IEC 11770-3:2015, third edition, 2015-08-01) |
| 07/30161232 DC : 0 | BS ISO/IEC 11770-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES |
| INCITS/ISO/IEC 7816-15 : 2004 | IDENTIFICATION CARDS - INTEGRATED CIRCUIT CARDS WITH CONTACTS - PART 15: CRYPTOGRAPHIC INFORMATION APPLICATION |
| IEC 62055-41:2018 RLV | Electricity metering - Payment systems - Part 41: Standard transfer specification (STS) - Application layer protocol for one-way token carrier systems |
| ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
| ISO/IEC 15946-3:2002 | Information technology Security techniques Cryptographic techniques based on elliptic curves Part 3: Key establishment |
| ISO 11568-4:2007 | Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle |
| ANSI X9.84 : 2010(R2017) | BIOMETRIC INFORMATION MANAGEMENT AND SECURITY FOR THE FINANCIAL SERVICES INDUSTRY |
| CAN/CSA-ISO/IEC 18367:18 | Information technology — Security techniques — Cryptographic algorithms and security mechanisms conformance testing (Adopted ISO/IEC 18367:2016, first edition, 2016-12-15) |
| ANSI X9.79-4 : 2013 | PUBLIC KEY INFRASTRUCTURE (PKI) - PART 4: ASYMMETRIC KEY MANAGEMENT |
| ANSI X9.82-1 : 2006(R2013) | RANDOM NUMBER GENERATION - PART 1: OVERVIEW AND BASIC PRINCIPLES |
| ANSI X9.79-1 : 2001 | FINANCIAL SERVICES PUBLIC KEY INFRASTRUCTURE - PART 1: PKI PRACTICES AND POLICY FRAMEWORK |
| ANSI X9.30.1 : 1997 | PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - PART 1: THE DIGITAL SIGNATURE ALGORITHM (DSA) |
| ANSI X9.57 : 1997 | PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT |
| ANSI X9.80 : 2005(R2013) | PRIME NUMBER GENERATION, PRIMALITY TESTING, AND PRIMALITY CERTIFICATES |
| ISO/IEC 8825-2:2015 | Information technology ASN.1 encoding rules: Specification of Packed Encoding Rules (PER) Part 2: |
| ANSI X9/TG-9 : 1995 | ABSTRACT SYNTAX NOTATION AND ENCODING RULES FOR FINANCIAL INDUSTRY STANDARDS |
| ISO/IEC 8825-1:2015 | Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1: |
| ANSI X9.52 : 1998 | TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION |
| ISO/IEC 8824-2:2015 | Information technology Abstract Syntax Notation One (ASN.1): Information object specification Part 2: |
| ISO/IEC 9594-8:2017 | Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks |
| ANSI X9.71 : 2000 | KEYED HASH MESSAGE AUTHENTICATION CODE (MAC) |
| ISO/IEC 8824-4:2015 | Information technology Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications Part 4: |
| ISO/IEC 8824-1:2015 | Information technology Abstract Syntax Notation One (ASN.1): Specification of basic notation Part 1: |
| ANSI INCITS 92 : 1981 | DATA ENCRYPTION ALGORITHM |
| ANSI X9.17 : 1995 | FINANCIAL INSTITUTION KEY MANAGEMENT (WHOLESALE), |
| ANSI X9.30.2 : 1997 | PUBLIC KEY CRYPTOGRAPHY USING IRREVERSIBLE ALGORITHMS - PART 2: THE SECURE HASH ALGORITHM (SHA-1) |
| ISO/IEC 8824-3:2015 | Information technology Abstract Syntax Notation One (ASN.1): Constraint specification Part 3: |
| ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.