BS ISO/IEC 19772:2009
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information technology. Security techniques. Authenticated encryption
Hardcopy , PDF
07-12-2020
English
30-09-2014
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols (and abbreviated terms)
5 Requirements
6 Authenticated encryption mechanism 1 (OCB 2.0)
6.1 Introduction
6.2 Specific notation
6.3 Specific requirements
6.4 Definition of function M[2]
6.5 Definition of function M[3]
6.6 Definition of function J
6.7 Encryption procedure
6.8 Decryption procedure
7 Authenticated encryption mechanism 2 (Key Wrap)
7.1 Introduction
7.2 Specific notation
7.3 Specific requirements
7.4 Encryption procedure
7.5 Decryption procedure
8 Authenticated encryption mechanism 3 (CCM)
8.1 Introduction
8.2 Specific notation
8.3 Specific requirements
8.4 Encryption procedure
8.5 Decryption procedure
9 Authenticated encryption mechanism 4 (EAX)
9.1 Introduction
9.2 Specific notation
9.3 Specific requirements
9.4 Definition of function M
9.5 Encryption procedure
9.6 Decryption procedure
10 Authenticated encryption mechanism 5 (Encrypt-then-MAC)
10.1 Introduction
10.2 Specific notation
10.3 Specific requirements
10.4 Encryption procedure
10.5 Decryption procedure
11 Authenticated encryption mechanism 6 (GCM)
11.1 Introduction
11.2 Specific notation
11.3 Specific requirements
11.4 Definition of multiplication operation
11.5 Definition of function G
11.6 Encryption procedure
11.7 Decryption procedure
Annex A (informative) - Guidance on use of the mechanisms
A.1 Introduction
A.2 Selection of mechanism
A.3 Mechanism 1 (OCB 2.0)
A.4 Mechanism 2 (Key Wrap)
A.5 Mechanism 3 (CCM)
A.6 Mechanism 4 (EAX)
A.7 Mechanism 5 (Encrypt-then-MAC)
A.8 Mechanism 6 (GCM)
Annex B (informative) - Examples
B.1 Introduction
B.2 Mechanism 1 (OCB 2.0)
B.3 Mechanism 2 (Key Wrap)
B.4 Mechanism 3 (CCM)
B.5 Mechanism 4 (EAX)
B.6 Mechanism 5 (Encrypt-then-MAC)
B.7 Mechanism 6 (GCM)
Annex C (normative) - ASN.1 module
C.1 Formal definition
C.2 Use of subsequent object identifiers
Bibliography
Describes six methods for authenticated encryption, i.e. defined ways of processing a data string with the following security objectives: - data confidentiality, i.e. protection against unauthorized disclosure of data, - data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified, - data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator.
Committee |
IST/33/2
|
DevelopmentNote |
Supersedes 07/30105115 DC. (07/2009)
|
DocumentType |
Standard
|
Pages |
40
|
PublisherName |
British Standards Institution
|
Status |
Superseded
|
SupersededBy | |
Supersedes |
This International Standard specifies six methods for authenticated encryption, i.e. defined ways of processing a data string with the following security objectives: data confidentiality, i.e. protection against unauthorized disclosure of data, data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified, data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator. All six methods specified in this International Standard are based on a block cipher algorithm, and require the originator and the recipient of the protected data to share a secret key for this block cipher. Key management is outside the scope of this standard; key management techniques are defined in ISO/IEC11770 . Four of the mechanisms in this standard, namely mechanisms 1, 3, 4 and 6, allow data to be authenticated which is not encrypted. That is, these mechanisms allow a data string that is to be protected to be divided into two parts, D, the data string that is to be encrypted and integrity-protected, and A (the additional authenticated data) that is integrity-protected but not encrypted. In all cases, the string A may be empty. NOTE Examples of types of data that may need to be sent in unencrypted form, but whose integrity should be protected, include addresses, port numbers, sequence numbers, protocol version numbers, and other network protocol fields that indicate how the plaintext should be handled, forwarded, or processed.
Standards | Relationship |
ISO/IEC 19772:2009 | Identical |
ISO/IEC 19772:2009/Cor 1:2014 | Identical |
ISO/IEC 18033-1:2015 | Information technology Security techniques Encryption algorithms Part 1: General |
ISO/IEC 18033-3:2010 | Information technology Security techniques Encryption algorithms Part 3: Block ciphers |
ISO/IEC 9797-1:2011 | Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher |
ISO/IEC 10116:2017 | Information technology — Security techniques — Modes of operation for an n-bit block cipher |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.