BS ISO/IEC 19772:2020

$167.15

Information security. Authenticated encryption

Published By	Publication Date	Number of Pages
BSI	2020	34

Guaranteed Safe Checkout

Category: BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

This document specifies five methods for authenticated encryption, i.e. defined ways of processing a data string with the following security objectives:

data confidentiality, i.e. protection against unauthorized disclosure of data;
data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified;
data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator.

All five methods specified in this document are based on a block cipher algorithm, and require the originator and the recipient of the protected data to share a secret key for this block cipher.

Key management is outside the scope of this document. Key management techniques are defined in ISO/IEC 11770 (all parts).

Four of the mechanisms in this document, namely mechanisms 3, 4, 5 (AAD variant only) and 6, allow data to be authenticated which is not encrypted. That is, these mechanisms allow a data string that is to be protected to be divided into two parts, D, the data string that is to be encrypted and integrity-protected, and A (the additional authenticated data) that is integrity-protected but not encrypted. In all cases, the string A can be empty.

NOTE

Examples of types of data that can need to be sent in unencrypted form, but whose integrity is to be protected, include addresses, port numbers, sequence numbers, protocol version numbers and other network protocol fields that indicate how the plaintext is to be handled, forwarded or processed.

PDF Catalog

PDF Pages	PDF Title
2	undefined
6	Foreword
7	Introduction
8	1 Scope 2 Normative references 3 Terms and definitions
10	4 Symbols and abbreviated terms
11	5 Requirements
12	6 Authenticated encryption mechanism 2 (key wrap) 6.1 General 6.2 Specific notation 6.3 Specific requirements 6.4 Encryption procedure
13	6.5 Decryption procedure 7 Authenticated encryption mechanism 3 (CCM) 7.1 General
14	7.2 Specific notation 7.3 Specific requirements 7.4 Encryption procedure
16	7.5 Decryption procedure
17	8 Authenticated encryption mechanism 4 (EAX) 8.1 General 8.2 Specific notation 8.3 Specific requirements 8.4 Definition of function M
18	8.5 Encryption procedure 8.6 Decryption procedure
19	9 Authenticated encryption mechanism 5 (encrypt-then-MAC) 9.1 General 9.2 Specific notation 9.3 Specific requirements
20	9.4 Encryption procedure 9.5 Decryption procedure
21	10 Authenticated encryption mechanism 6 (GCM) 10.1 General 10.2 Specific notation
22	10.3 Specific requirements 10.4 Definition of multiplication operation • 10.5 Definition of function G
23	10.6 Encryption procedure 10.7 Decryption procedure
25	Annex A (informative) Guidance on the use of the mechanisms
28	Annex B (informative) Numerical examples
32	Annex C (normative) Object identifiers
33	Bibliography

Additional information

Status	Definitive
Pages	34
Publication Date	2020-12-07
ISBN	978 0 539 15001 8
Standard Number	BS ISO/IEC 19772:2020
Title	Information security. Authenticated encryption
Identical National Standard Of	ISO/IEC 19772
Replaces	BS ISO/IEC 19772:2009
Descriptors	Coded representation, Data integrity, Information exchange, Identification methods, Cryptography, Verification, Algorithms, Data processing, Data conversion, Data security, Codes
Publisher	BSI
Committee	IST/33
ICS Codes	35.030 - IT Security

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS ISO/IEC 19772:2020

PDF Catalog

Related products