• There are no items in your cart

ISO/IEC 9798-6:2010

Current

Current

The latest, up-to-date edition.

Information technology Security techniques Entity authentication Part 6: Mechanisms using manual data transfer

Available format(s)

Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

17-11-2010

€144.00
Excluding VAT

ISO/IEC 9798-6:2010 specifies eight entity authentication mechanisms based on manual data transfer between authenticating devices. Four of these mechanisms are improved versions of mechanisms specified in ISO/IEC 9798-6:2005 since they use less user input and achieve more security. Such mechanisms can be appropriate in a variety of circumstances where there is no need for an existing public key infrastructure, shared secret keys or passwords. One such application occurs in personal networks, where the owner of two personal devices capable of wireless communications wishes them to perform an entity authentication procedure as part of the process of preparing them for use in the network. These mechanisms can also be used to support key management functions.

ISO/IEC 9798-6:2010 specifies mechanisms in which entity authentication is achieved by

  • manually transferring short data strings from one device to the other, or
  • manually comparing short data strings output by the two devices.

In ISO/IEC 9798-6:2010, the meaning of the term entity authentication is different from the meaning applied in other parts of ISO/IEC 9798. Instead of one device verifying that the other device has a claimed identity (and vice versa), both devices in possession of a user verify that they correctly share a data string with the other device at the time of execution of the mechanism. This data string could contain identifiers (and/or public keys) for one or both of the devices.

DocumentType
Standard
Pages
35
PublisherName
International Organization for Standardization
Status
Current
Supersedes

BS ISO/IEC 19785-4:2010 Information technology. Common Biometric Exchange Formats Framework Security block format specifications
07/30154069 DC : 0 BS ISO/IEC 24727-3 - IDENTIFICATION CARDS - INTEGRATED CIRCUIT CARD PROGRAMMING INTERFACES - PART 3: APPLICATION INTERFACE
07/30107757 DC : 0 BS ISO/IEC 24708 - INFORMATION TECHNOLOGY - BIOAPI INTERWORKING PROTOCOL
ANSI X9.117 : 2012 SECURE REMOTE ACCESS - MUTUAL AUTHENTICATION
17/30349181 DC : 0 BS ISO/IEC 24760-1 AMENDMENT 1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR IDENTITY MANAGEMENT - PART 1: TERMINOLOGY AND CONCEPTS
PD ISO/TR 14742:2010 Financial services. Recommendations on cryptographic algorithms and their use
ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
07/30163724 DC : 0 BS ISO/IEC 24727-4 - IDENTIFICATION CARDS - INTEGRATED CIRCUIT CARDS PROGRAMMING INTERFACE - PART 4: API ADMINISTRATION
INCITS/ISO/IEC 19785-4 : 2010 INFORMATION TECHNOLOGY - COMMON BIOMETRIC EXCHANGE FORMATS FRAMEWORK - PART 4: SECURITY BLOCK FORMAT SPECIFICATIONS
BIS IS 16281-4 : 2014 INFORMATION TECHNOLOGY - COMMON BIOMETRIC EXCHANGE FORMATS FRAMEWORK - PART 4: SECURITY BLOCK FORMAT SPECIFICATIONS
ISO/TR 14742:2010 Financial services Recommendations on cryptographic algorithms and their use
BS ISO/IEC 19790:2012 Information technology. Security techniques. Security requirements for cryptographic modules
ISO/IEC 19785-4:2010 Information technology — Common Biometric Exchange Formats Framework — Part 4: Security block format specifications

ISO/IEC 8825-1:2015 Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1:
ISO/IEC 18033-3:2010 Information technology Security techniques Encryption algorithms Part 3: Block ciphers
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 18033-4:2011 Information technology — Security techniques — Encryption algorithms — Part 4: Stream ciphers
ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques
ISO/IEC 9798-1:2010 Information technology Security techniques Entity authentication Part 1: General

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.