ATR-01-D


(JCMVP) 24 2 29
ATR-01-D Cryptographic Algorithm Implementation Testing Requirements

1 ... 1
1.1 ... 1
1.2 ... 2
2 ... 3
2.1 ... 3
3 ... 4
3.1 ... 4
3.1.1 HMAC ... 4
3.1.2 CMAC ... 4
3.1.2.1 ... 4
3.1.2.1.1 (SMT) ... 4
3.1.2.1.2 (SLMT) ... 5
3.1.2.1.3 (PGMT) ... 5
3.1.2.2 ... 5
3.1.3 CCM ... 6
3.1.3.1 ... 6
3.1.3.1.1 associated data (VADT) ... 6
3.1.3.1.2 (VPT) ... 6
3.1.3.1.3 nonce (VNT) ... 6
3.1.3.1.4 (VTT) ... 6
3.1.3.2 ... 7
3.1.4 GCM/GMAC ... 7
3.1.4.1 ... 7
3.1.4.1.1 IV ... 7
3.1.4.1.2 IV ... 7
3.1.4.2 ... 8
3.1.4.3 IV uniqueness ... 8
4 ... 9
4.1 ... 9
... 11
i

1, (JCATT)., 2. 1.1..,,.,.,.. :... :.,.,. :,.. [6], [7]., 1.1. 1.1:. 1/12

,,.,.,. 1.2. 2 :. 3 :.,. JCATT: IUT: JCATT 2/12

2. 2.1 HMAC CMAC CCM GCM/GMAC 3/12

3
3.1 HMAC, CMAC, CCM, GCM/GMAC.
3.1.1 HMAC
HMAC.. (SMT) (SLMT) (PGMT), (ATR-01-C) 3 SMT, SLMT, PGMT.
3.1.2 CMAC
CMAC.
3.1.2.1
, HMAC CMACVS[1] SHAVS[2].. (SMT) (SLMT) (PGMT)
3.1.2.1.1 (SMT)
( ) m. SMT, m/8 + 1. 0,8,16,...,m.,.
4/12

3.1.2.1.2 (SLMT)
3.1.2.1.1, ( ) m. SLMT, m/8., m + 8 i ( Upperbound of SLMT 1), 1 i m/8,. Upperbound of SLMT.,,.
3.1.2.1.3 (PGMT)
Seed, outerloop innerloop, MD[0] MD[outerloop-1].,.

    for (j=0; j<outerloop; j++) {
        MAC[0] = Seed;
        MAC[1] = Seed;
        MAC[2] = Seed;
        for (i=3; i<innerloop+3; i++) {
            M[i] = MAC[i-3] MAC[i-2] MAC[i-1]; //
            MAC[i] = CMAC(M[i], key);
        }
        MAC[j] = MAC[i-1];
        Seed = MAC[i-1];
        OUTPUT MAC[j];
    }

3.1.2.2
. JCATT,, IUT. JCATT,,, IUT.,,.
5/12
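The following is an added worked example, not code from ATR-01-D or from the JCATT tool, showing the three test-vector constructions of 3.1.2.1 in runnable form: the SMT message lengths (0, 8, ..., m bits, m/8 + 1 of them), the SLMT lengths (m + 8i for 1 <= i <= m/8, the largest being the Upperbound of SLMT), and the PGMT chain from the pseudocode above together with the comparison a JCATT-style checker would make against an IUT's response. Two assumptions are mine and not stated on the page: the operator elided between MAC[i-3], MAC[i-2], MAC[i-1] is taken to be concatenation (as in the SHAVS Monte Carlo test the section cites), and HMAC-SHA-256 from the Python standard library stands in for CMAC, since 3.1.1 says HMAC uses the same SMT/SLMT/PGMT structure; any CMAC implementation with the same mac(key, message) shape plugs into the same loop. Function names, loop counts and sample values are constructed for the demo.

```python
import hashlib
import hmac
from typing import Callable, List

# A MAC under test: mac(key, message) -> tag.
MacFn = Callable[[bytes, bytes], bytes]


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """Stand-in MAC (assumption: HMAC-SHA-256 in place of CMAC)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def smt_lengths_bits(m: int) -> List[int]:
    """Short Message Test: the m/8 + 1 message lengths 0, 8, 16, ..., m bits."""
    if m % 8:
        raise ValueError("m must be a multiple of 8")
    return list(range(0, m + 1, 8))


def slmt_lengths_bits(m: int) -> List[int]:
    """Selected Long Message Test: m/8 lengths m + 8*i for 1 <= i <= m/8.
    The last entry (2m bits) is the 'Upperbound of SLMT' the text names."""
    if m % 8:
        raise ValueError("m must be a multiple of 8")
    return [m + 8 * i for i in range(1, m // 8 + 1)]


def pgmt_outputs(mac: MacFn, key: bytes, seed: bytes,
                 outerloop: int, innerloop: int) -> List[bytes]:
    """PGMT chain mirroring the page's loop. Each outer round starts from three
    copies of the current seed; every inner step MACs the three previous tags;
    the final inner tag is both the round's output MAC[j] and the next seed.
    Assumption: MAC[i-3] MAC[i-2] MAC[i-1] are concatenated (as in SHAVS)."""
    outputs: List[bytes] = []
    for _ in range(outerloop):
        window = [seed, seed, seed]          # MAC[i-3], MAC[i-2], MAC[i-1]
        for _ in range(innerloop):           # i = 3 .. innerloop + 2
            m_i = window[0] + window[1] + window[2]
            tag = mac(key, m_i)              # MAC[i] = MAC(M[i], key)
            window = [window[1], window[2], tag]
        seed = window[2]                     # Seed = MAC[i-1]
        outputs.append(seed)                 # OUTPUT MAC[j]
    return outputs


def check_pgmt_response(mac: MacFn, key: bytes, seed: bytes,
                        outerloop: int, innerloop: int,
                        iut_outputs: List[bytes]) -> bool:
    """JCATT-style check of an IUT response: recompute the expected chain and
    accept only if the IUT returned exactly the same outputs in the same order."""
    expected = pgmt_outputs(mac, key, seed, outerloop, innerloop)
    if len(iut_outputs) != len(expected):
        return False
    return all(hmac.compare_digest(e, r) for e, r in zip(expected, iut_outputs))


if __name__ == "__main__":
    # Constructed demo values (not from the document). Real runs use the
    # iteration counts given in the document's tables 4.1 and 4.2.
    key = bytes(range(16))
    seed = hashlib.sha256(b"constructed seed").digest()
    print("SMT lengths (bits):", smt_lengths_bits(128))
    print("SLMT lengths (bits):", slmt_lengths_bits(128))
    outs = pgmt_outputs(hmac_sha256, key, seed, outerloop=3, innerloop=10)
    for j, o in enumerate(outs):
        print(f"MAC[{j}] = {o.hex()}")
    print("self-check:", check_pgmt_response(hmac_sha256, key, seed, 3, 10, outs))
```

The checker keeps the whole expected list rather than stopping at the first mismatch so that a length mismatch (an IUT that emitted too few or too many rounds) and a content mismatch are both reported as failures of the same request.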

3.1.3 CCM
CCM, CCMVS[3]..
3.1.3.1
. associated data (VADT) (VPT) nonce (VNT) (VTT)
3.1.3.1.1 associated data (VADT)
associated data, nonce ( ) associated data,,.,,, nonce, associated data.
3.1.3.1.2 (VPT)
, nonce ( ), associated data,.,,, nonce, associated data.
3.1.3.1.3 nonce (VNT)
nonce, ( ) nonce,, associated data,.,,, nonce, associated data.
3.1.3.1.4 (VTT)
6/12

, nonce ( ), associated data,.,,, nonce, associated data.
3.1.3.2
.,,, nonce, associated data,. INVALID,,,, nonce, associated data, INVALID.,.
3.1.4 GCM/GMAC
GCM/GMAC, GCMVS[4]..
3.1.4.1
IV IV IV
3.1.4.1.1 IV
IUT IV, ( ),, AAD (Additional Authenticated Data), IV. IUT Authentication Tag. JCATT, IUT Authentication Tag.,, AAD, IV.
3.1.4.1.2 IV
7/12

IUT IV, ( ),, AAD (Additional Authenticated Data). IUT IV, IV, Authentication Tag. JCATT, IUT Authentication Tag, AAD, IUT IV, Authentication Tag. IUT,, AAD,. INVALID,,, AAD, INVALID.,, AAD, IV.
3.1.4.2
JCATT ( ),, AAD, IV, Authentication Tag, Authentication Tag., Authentication Tag,, AAD, IV,. INVALID,, Authentication Tag,, AAD, IV, INVALID.,, AAD, IV,.
3.1.4.3 IV uniqueness
NIST SP800-38D[5] Section 8 IV uniqueness JCATT
8/12

4
4.1
,, 1,., 4.1, 4.2, 4.4.
4.1: HMAC
SHA-256 SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 128 8 ( /2) 16000 Upperbound of SLMT 100 100 PGMT 1000 1000 100 100
4.2: CMAC
AES AES 3-KeyTripleDES 128 AES 128,192,256. 3-KeyTripleDES 192 128 8., AES 128, 3-KeyTripleDES 64 Upperbound of SLMT 100 100 PGMT 1000 1000 100 100 AES AES 3-KeyTripleDES 128 AES 128, 192, 256. 3-KeyTripleDES 192 128 8., AES 128, 3-KeyTripleDES 64 256 8 16000 10 10 ( ) 30 1 99
9/12

4.3: CCM
AES 128 128 128, 192, 256 VADT Associated data 240 8 16000 10 10 VPT 256 8 16000 10 10 VNT nonce 104 56, 64, 72, 80, 88, 96, 104 10 10 VTT 128 32, 48, 64, 80, 96, 112, 128 10 10 AES 128 128 128, 192, 256 128 32, 48, 64, 80, 96, 112, 128 256 8 16000 10 10 ( ) 30 1 99
4.4: GCM/GMAC
AES 128 128 128, 192, 256 AAD 128 8 16000 256 8 16000 20 20 IV IV 96 8 8 16000 Authentication Tag 128 128, 120, 112, 104, 96, 64, 32 AES 128 128 128, 192, 256 AAD 128 8 16000 256 8 16000 20 20 IV 96 8 8 16000 Authentication Tag 128 128, 120, 112, 104, 96, 64, 32 ( ) 30 1 99
10/12

, 21 1 23, 21 1 8., 21 7 1, 21 7 10., 24 2 29, 24 6 1.
[1] Sharon S. Keller, The CMAC Validation System (CMACVS), National Institute of Standards and Technology, March 30, 2006.
[2] L. E. Bassham III, The Secure Hash Algorithm Validation System (SHAVS), National Institute of Standards and Technology, July 22, 2004.
[3] L. E. Bassham III, The CCM Validation System (CCMVS), National Institute of Standards and Technology, July 30, 2006.
[4] Timothy A. Hall, Sharon S. Keller, The Galois/Counter Mode (GCM) and GMAC Validation System (GCMVS), National Institute of Standards and Technology, February 11, 2009.
[5] Morris Dworkin, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, NIST SP 800-38D, National Institute of Standards and Technology, November 2007.
[6] JCATT, http://www.ipa.go.jp/security/jcmvp/documents/open/jcatt/format/jcatt fileformat d.zip
[7] JCATT, http://www.ipa.go.jp/security/jcmvp/documents/open/jcatt/sample/jcatt sample d.zip
11/12

ATR-01-D
21 1 23
21 7 1 (HMAC-RIPEMD-160 )
24 2 29 (GCM/GMAC )
12/12