「暗号/情報セキュリティ」

Size: px

Start display at page:

Download "「暗号/情報セキュリティ」"

ひろとかいじ
4 years ago
Views:

5 PKI PKI: (Public Key Infrastructure)

7 1976 DES 1978 Privacy Money

8 ()DES, RIJNDAEL, MISTY, KASUMI () RSA, DSA,

9 I Love You ( ) A 55 m m 8 & $ ( ) I Love You

10 A B R R A B

11 DES (Data Encryption Standard) National Security Agency DES Triple-DES NIST AES

12 AES (Advanced Encryption Standard) DES NIST FIPS AES RIJNDAEL AES Official Home Page

13 AES AES Triple-DES AES Target Specific Cipher

14 I Love You ( ) A 55 m m 8 & $ ( ) I Love You

15 A B A A I Love You I Love You OK NG Private Key A A

16 PKI (Public Key Infrastructure) CA Certificate Authority

17 EDI e-government ETC System EC Healthcare Secure Web Access System PDF Secure Secure Storage System Key Recovery Intrusion Detection System SET SSL S/MIME SMTP SHTTP HTTP FTP DAP/LDAP Time-. Certificate Management Directory Service (X.509) Signature (PKCS) Encryption (PKCS) Secure Hub Smart Card Secure H/W Module Cryptographic LSI/IP Cryptographic Library

18 ISO/IEC JTC1 SC27 IS /24 NW18033 IETF Internet CRYPTREC NESSIE

19 FIPS FIPS 46-2 DES FIPS 74 Guidelines for using DES FIPS 81 DES modes of operation FIPS 102: Guidelines for certification & accrediation FIPS 112: Password usage FIPS 113 Data authentication (CBC-MAC) FIPS Cryptomodule security requirements FIPS 171 Key management using X9.17 FIPS Secure Hash Standard (SHA-1)

20 FIPS FIPS 181 Automated Password Generator FIPS 185 Key Escrow (Clipper & Skipjack) FIPS 186 Digital Signature Standard (DSS) FIPS 188: Standard Security Labels for Info Transfer FIPS : Guidelines for Authentication & Analyzing LAN FIPS 196 Entity Authentication

21 PKCS (Public-Key Cryptography Standards) RSA Laboratories (1)PKCS #1: RSA Encryption Standard (2) PKCS #3: Diffie-Hellman Key Agreement Standard (3) PKCS #5: Password-Based Encryption Standard (4) PKCS #6: Extended-Certificate Syntax Standard (5) PKCS #7: Cryptographic Message Syntax Standard (6) PKCS #8: Private-Key Information Syntax Standard (7) PKCS #9: Selected Attribute Types (8) PKCS #10: Certification Request Syntax Standard (9) PKCS #11: Cryptographic Token Interface Standard (10) PKCS #12: Personal Information Exchange Syntax Standard (11) PKCS #13: Elliptic Curve Cryptography Standard URL

22 IETF RFC MD2, MD4, MD5 RFC PEM RFC 1508, 2025, 2078 GSS-APIRFC 1510: Kerberos V5 Network Authentication RFC 1828 Keyed MD5 RFC 1848 Security Multiparts for MIME(S/MIME) RFC 1938 One-time Password System RFC PPP Encryption RFC 1991, 2015 PGP RFC 2401, , 2412 IPSEC

23 ISO X.509 X.500 CC(Common Criteria) rating

24 X.509 I.. Edition ISO Document No. ITU-T Document No. Edition 1 (88) Edition 2 (93) Edition 3 (97) Edition 4 (Planning) ISO/IEC : 1990 ISO/IEC : 1995 ISO/IEC : 1997 ISO/IEC : 200x? CCITT Recommendation X.509 (1988) ITU-T Recommendation X.509 (1993) ITU-T Recommendation X.509 (1997) ITU-T Recommendation X.509 (200x?)

25 ISO9979 ISO DES IPA

26 ISO B-CRYPT BT(UK) 1992 MISTY1 Mitsubishi Electric(JP) 199 IDEA Ascom Ascom(CH) 1993 ENCRiP NEC(JP) 199 LUC LUC(NZ) 1994 ACR SAGEM(FR) 199 DES NCS(US) 1994 FWZ1 Check Point Software(IL) 199 CDMF IBM(US) 1994 SPEAM1 Matsushita (JP) 199 Skipjack NSA(US) 1994 ELCURVE Hitachi (JP) 199 RC4 RSADSI(US) 1994 CIPHERUNICORN-E NEC(JP) 199 RC2 RSADSI(US) 1994 M8 Hitachi (JP) 199 MULTI2 FEAL BARAS SXAL/MBAL MBALLaurel Hitachi(JP) 1994 GCC International Information NTT(JP) 1994 Science Institute (JP) 2000 ETSI(FR) 1995 TRIPLO Toshiba (JP) 2000 Laurel Intelligent FSAngo Fuji Soft ABC (JP) 2000 Systems (JP) 1995

27 ISO/IEC JTC1/SC27 ISO/IEC WD /-2/-3/-4 Encryption Algorithms

28 NESSIE 1/3 New European Schemes for Signatures, Integrity, and Encryption

29 NESSIE 2/3

30 NESSIE ACE IBM ECIES Certicom BMGL Hastard LILI-128 Dawson Leviathan SOBER-t16 Cisco Qualcomm EPOC NTT SNOW Johansson SOBER-t32 Qualcomm PSEC RSA-OAEP NTT RSA GPS France Telecom CS-Cipher Cipher 64 Khazad MISTY1 CS Communication & Systems Baretto, Rijmen Nimbus Machado ) ACE IBM Hierocrypt-L1 IDEA Mediacrypt ECDSA ESIGN FLASH Certicom NTT BULL CP8 Anibus 128 Caemellia Grand Cru Baretto, Rijmen NTT, Borst QUARTZ BULL CP8 Noekeon Daemen SFLASH BULL CP8 Q McBride RSA-PSS RSA SC2000 Whirlpool Baretto,Rijmen Hierocrypt-3 Two-Track Track- MAC Boer, Rompay SHACAL (160 ) Gemplus UMAC Rogaway RC6 ( ) SAFER++ RSA Cylink NUSH LAN Crypto

31 NESSIE ACE (*) IBM ECIES Certicom BMGL Hastard SOBER-t16 Qualcomm EPOC-2 2 (*) NTT SNOW Johansson SOBER-t32 Qualcomm PSEC-2 2 (*) RSA-OAEP (*) NTT RSA GPS France Telecom 64 Khazad MISTY1 Baretto, Rijmen ) IDEA Mediacrypt ECDSA ESIGN (*) Certicom NTT 128 Caemellia NTT, QUARTZ BULL CP8 SFLASH BULL CP8 RSA-PSS RSA Whirlpool Two-Track Track- MAC Baretto,Rijmen Boer, Rompay SHACAL (160 ) UMAC Rogaway RC6 ( ) (*) SAFER++ RSA Cylink Gemplus

32 NESSIE (3/3) ISO NESSIE IPR Industrial board

33 1/3 CRYPTREC Cryptography Research and Evaluation Committee IPA (

34 2/ CRYPTREC

35 3/ SSL

36 2001 ESIGN RSA PKCS#1 1.5 RSA-PSS DSA ECDSA ECDSA in SEC1 OK-ECDSA(*) EPOC-2 HIME-R R (*) RSA-OAEP ECIES in SEC1 NTRU (*) DH ECDH in SEC1 OK-ECDH (*) PSEC-KEM (*) NTT RSALAB /Certicom Camellia NTT 128 CIPHERUNICORN-A RC6 RSALAB /Certicom NTT /Certicom NTT MULTI-S01 MUGI (*) CIPHERUNICORN-E 64 Hierocrypt-L1 MISTY1 TripleDES SC2000 Rijndael AES SHA-256,384,512 RIPEMD-160 SHA-1 PRNG based on SHA1 NTT/ RSALAB (*)

37 CRYPTREC )

38 IS IS etc

40 DES ) 1995 MISTY PowerMISTY Japan-Net, LSI, DVD-ROM 1996 KASUMI, Camellia, ETCSAM, SMTK CryptoSignTRUSTWEB, CERTMANAGER(,TurboMISTY ),,PDF

42 姛嵲嵲剆靌檝嵲剆鞢檝

43 ) DES!

44 (MISTY) MISTY LSI

46 IT : IT IT

47 ISO/IEC WD ISO/IEC ( /

48 ) ]

ASF-01

ASF-01 暗号モジュール試験及び認証制度 (JCMVP) 承認されたセキュリティ機能に関する仕様平成 26 年 4 月 1 日独立行政法人情報処理推進機構 ASF-01 A p p r o v e d S e c u r i t y F u n c t i o n s 目次 1. 目的... 1 2. 承認されたセキュリティ機能... 1 公開鍵... 1 共通鍵... 3 ハッシュ... 4 メッセージ認証...