NIST:生成安全密码密钥

admin管理员组

文章数量:1662847

NIST:生成安全密码密钥

https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=913043

ITL BULLETIN FOR DECEMBER 2012

GENERATING SECURE CRYPTOGRAPHIC KEYS:

• 生成安全密码密钥

A CRITICAL COMPONENT OF CRYPTOGRAPHIC KEYMANAGEMENT AND THE PROTECTION OF SENSITIVE INFORMATION

Shirley Radack, Editor
Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
U.S. Department of Commerce

Cryptography provides strong protection for information technology (IT) systems, applications, and information, especially when information is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptographic methods can be used to maintain the confidentiality and integrity of information, verify that information was not changed after it was sent, and authenticate the originator of the information.
Cryptography relies upon two basic components: an algorithm (or cryptographic methodology) and a cryptographic key. The algorithm is a complex mathematical function for applying cryptographic protection (e.g.
, encrypting the data) and later reversing or verifying the process (e.g., decrypting the encrypted data), and the key is a parameter used by the function. Secure management of the cryptographic keys is critically important, since the security and reliability of cryptographic processes depend upon the strength of the keys, the effectiveness of the protocols associated with the keys, and the protection given to the keys.
加密技术为信息技术 (it) 系统、应用程序和信息提供了强大的保护, 尤其是当信息敏感、价值高或在信息传输及存储期间容易受到未经授权的披露或未被发现的修改时。加密方法可用于维护信息的机密性和完整性, 验证信息发送后没有被更改, 并对信息的创建者进行身份验证。
加密技术依赖于两个基本组件: 算法 (或加密方法) 和加密密钥。该算法是应用加密保护的一个复杂的数学函数 (例如: 加密数据), 然后反转或验证过程 (例如, 解密加密的数据), 该密钥是函数使用的参数。加密密钥的安全管理至关重要, 因为加密过程的安全性和可靠性取决于密钥的强度、与密钥相关的协议的有效性以及对密钥的保护。

Federal Standards and Recommendations for the Secure Management of Cryptography
The Information Technology Laboratory of the National Institute of Standards and Technology (NIST) has developed Federal Information Processing Standards (FIPS) specifying cryptographic algorithms that are
approved for federal government use. In addition, NIST Special Publications (SPs) provide recommended practices that assist federal government organizations in applying cryptographic methods and in securely managing the cryptographic keys that are to be used with the approved cryptographic algorithms.
Another effort that helps organizations manage cryptographic keys effectively is the testing and validation of cryptographic modules, which contain the cryptographic algorithms and which are used in commercial
products and systems to provide security services. The testing and validation program established by NIST focuses on the validation of cryptographic modules and cryptographic algorithm implementations, accreditation of independent testing laboratories, and the development of test suitesfor the cryptographic algorithms. Many of these testing and validation activities are carried out in collaboration with industry and with other government organizations. See the For More Information section below for references to approved cryptographic algorithms, requirements for cryptographic modules, and the operation of the Cryptographic Module Validation Program (CMVP). In November, ITL issued a new guide, NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation, to help federal government organizations generate the cryptographic keys that are to be used with the approved cryptographic algorithms. The publication provides general background information on the generation of cryptographic keys, how and where the keys are generated, and requirements for the generation of keys that provide the security strengths needed by organizations to protect their information.

• 加密技术安全管理的联邦标准和建议

  美国国家标准与技术研究所 (nist) 的信息技术实验室开发了联邦信息处理标准 (fips), 具体规定了经批准供联邦政府使用的加密算法。此外, nist 特殊出版物 (sp) 还提供了建议的做法, 以协助联邦政府组织应用加密方法和安全地管理将与批准的加密一起使用的加密密钥算法。
  帮助组织有效管理加密密钥的另一项工作是测试和验证加密模块, 这些模块包含加密算法, 并用于商业产品和系统中, 以提供安全服务.nist 建立的测试和验证程序侧重于加密模块和加密算法实现的验证、独立测试实验室的认证以及测试课程的开发。加密算法。其中许多测试和验证活动是与工业界和其他政府组织合作进行的。 有关已批准的加密算法、加密模块要求以及加密模块验证程序 (cmvp) 的操作的参考, 请参阅下面的 “详细信息” 部分。 11月, ITL发布了一份新的指南, 即 nist 特别出版物 800-133：《加密密钥生成建议》, 以帮助联邦政府组织生成与被批准的加密算法一起使用的加密密钥。该出版物提供了关于加密密钥生成、密钥生成方式和位置的一般背景信息, 以及密钥生成要求，这些要求可提供组织保护其信息所需的安全强度。

NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation
NIST SP 800-133, which was written by Elaine Barker and Allen Roginsky of NIST, discusses technical methods covering the generation of keys using the output of a random bit generator, the derivation of a key from another key, the derivation of a key from a password, and the key agreement process performed by two entities using an approved key-agreement scheme.
SP 800-133 recommends methods for the generation of key pairs for asymmetric algorithms and of keys for symmetric algorithms. Included in the publication are definitions, explanations of acronyms and symbols, and references to standards and to recommendations for the secure
implementation of cryptographic algorithms and the effective management of cryptographic keys.
Recommendation for Cryptographic Key Generation is available here.

• nist 特别出版物 800-133, 关于加密密钥生成的建议

  nist sp 800-133, 由 nist 的 elaine barker 和 allen roginsky 编写, 讨论了使用随机位生成器的输出生成密钥的技术方法, 从另一个密钥派生一个键, 从密码派生一个密钥, 以及两个实体使用已批准的密钥协议方案执行的关键协议过程。
  sp 800133 推荐了用于生成非对称算法的密钥对和用于对称算法的密钥的方法。该出版物包括定义、首字母缩写词和符号的解释, 以及对标准和关于加密算法的安全实施和加密密钥的有效管理的建议的参考。
  有关加密密钥生成的建议可在此处找到。

Cryptographic Algorithms and Keys
A cryptographic algorithm and a key are used to provide a number of cryptographic services, including encrypting data, generating a digital signature, decrypting encrypted data, and verifying a digital signature. Other cryptographic services include generating challenges, random numbers, and Message Authentication Codes (MACs).
In secret-key cryptography, two or more parties share the same key, which is used to encrypt and decrypt data. The key must be kept secret, and the parties who share a key rely upon each other not to disclose the key and to protect it against modification. Public key cryptography uses a pair of keys for each party: one is public and the other is private. The public key can be made known to other parties; the private key must be kept confidential and must be known only to its owner. Both keys, however, need to be protected against modification. Public key cryptography is used to generate and verify digital signatures to provide assurance to a receiver that a given message was sent by the claimed sender, or to establish symmetric keys between parties that do not share such keys for protecting sensitive information.
Keys may be established through techniques that are based on asymmetric or public key algorithms, or through techniques that are based on symmetric or secret key algorithms. Hybrid techniques are also commonly used in the key-generating process by applying public key techniques to establish symmetric or secret keys, which are then used to establish other symmetric or secret keys or to protect sensitive information.

• 加密算法和密钥

  加密算法和密钥用于提供多种加密服务, 包括加密数据、生成数字签名、解密加密数据和验证数字签名等。其他加密服务包括生成挑战、随机数和消息身份验证代码 (mac)。
  在密钥加密中, 两个或多个参与方共享相同的密钥, 用于对数据进行加密和解密。钥匙必须保密, 共享钥匙的当事人相互依靠对方不披露钥匙, 保护钥匙不被修改。 公钥加密为每一方使用一对密钥: 一个是公共密钥, 另一个是私有密钥。公钥可以向其他各方公布;私钥必须保密, 并且必须只向其所有者知晓。但是, 这两个键都需要保护以防止修改。公钥加密用于生成和验证数字签名, 以便向接收方保证给定的消息是由声明的发送方发送的, 或者在不共享此类密钥以保护敏感信息的各方之间建立对称密钥信息。
  密钥可以通过基于非对称或公钥算法的技术来建立, 也可以通过基于对称或密钥算法的技术来建立。混合技术也通常用于密钥生成过程中, 方法是应用公钥技术来建立对称或密钥, 然后用于建立其他对称或密钥或保护敏感信息。

Summary of NIST Recommendations for Cryptographic Key Generation
NIST SP 800-133 specifies the methods for the computation, establishment, and distribution of key pairs in accordance with existing standards and recommendations. See the online version of the publication for detailed information about implementing the recommendations for the generation of secure cryptographic keys.
Key generation techniques.
Keys can be generated through a variety of techniques: the generation of a key using the output of a random bit generator (RBG), the derivation of a key from another key, the derivation of a key from a password, and a key agreement performed by two entities using an approved key-agreement scheme. SP 800-133 specifies that federal organizations base the generation of their cryptographic keys directly or indirectly on the output of an approved random bit generator. Keys that are derived during a key-agreement transaction, derived from another key using a key derivation function, or derived from a password for storage applications are considered to be indirectly generated from an RBG, since the key used in the generation of another key or the random value used to generate a key-agreement key pair was obtained directly from the output of an approved RBG. Cryptographic keys needed by federal organizations are to be generated within tested and validated cryptographic modules. Random values required for key generation must be generated within the module that generates the key. The RBG should provide the security strengths that the implementing organization needs to protect its information. NIST publications that provide recommendations covering the techniques for the generation of keys using RBGs are included in the list of publications below.
Generation of key pairs for asymmetric algorithms.
Asymmetric-key algorithms, also known as public-key algorithms, require the use of asymmetric key pairs, consisting of a private key and a corresponding public key. The key to be used for each operation depends on the cryptographic process being performed; for example, digital-signature generation requires the use of a private key, while signature verification requires the use of the corresponding public key. Each public/private key pair is associated with only one entity; this entity is known as the key-pair owner. The public key may be known by anyone, but the private key must be known and used only by the key-pair owner. Key pairs are generated by either the key-pair owner or by a trusted party that will provide the key pair to the owner in a secure manner. The trusted party must be trusted by all parties that use the public key. One use of asymmetric keys is the generation of digital signatures. Digital signatures are generated on data to provide origin authentication, assurance of data integrity, or signatory non-repudiation. Digital signatures are generated by a signer using a private key, and verified by a receiver using a public key. Publications that include recommendations for the generation of key pairs for asymmetric applications are included in the reference section below.

• 关于加密密钥生成的 nist 建议摘要

  nist sp 800-133 根据现有标准和建议指定了密钥对的计算、建立和分发方法。有关实现生成安全加密密钥的建议的详细信息, 请参阅出版物的联机版本。

• 关键生成技术

  密钥可以通过多种技术生成: 使用随机位生成器 (rbg) 的输出生成密钥, 从另一个密钥派生密钥, 从密码派生密钥, 以及由两个实体使用批准执行的密钥协议d 密钥协议计划。sp 800-133 指定联邦组织直接或间接地根据批准的随机位生成器的输出生成其加密密钥。在密钥协议事务期间派生的密钥、从使用密钥派生函数的另一个键派生的密钥, 或从存储应用程序的密码派生的密钥被视为间接从 rbg 生成的, 因为在生成另一个键或用于生成密钥协议密钥对的随机值直接从批准的 rbg 输出中获得。联邦组织所需的加密密钥将在经过测试和验证的加密模块中生成。密钥生成所需的随机值必须在生成密钥的模块中生成。成果预算制应提供执行组织保护其信息所需的安全优势。nist 出版物提供了关于使用 rbg 生成密钥的技术的建议, 这些出版物列于以下出版物列表中。

• 非对称算法密钥对的生成

  非对称密钥算法, 也称为公钥算法, 需要使用非对称密钥对, 包括私钥和相应的公钥。要用于每个操作的密钥取决于所执行的加密过程;例如, 数字签名生成需要使用私钥, 而签名验证需要使用相应的公钥。 每个公钥对只与一个实体关联;此实体称为密钥对所有者。公钥可能为任何人所知, 但私钥必须仅由密钥对所有者知道和使用。密钥对是由密钥对所有者或受信任方生成的, 将以安全的方式向所有者提供密钥对。受信任的一方必须得到使用公钥的所有各方的信任。非对称密钥的一种用途是生成数字签名。在数据上生成数字签名, 以提供原产地认证、数据完整性保证或签名不可否认性。数字签名由签名者使用私钥生成, 并由使用公钥的接收方进行验证。下面的参考部分包含有关为非对称应用程序生成密钥对的建议的出版物。

Generation of keys for symmetric key algorithms.
Symmetric-key algorithms use the same key to both apply cryptographic protection to information and to remove or verify the protection. Keys used with symmetric-key algorithms must be known only by the entities authorized to apply, remove, or verify the protection, and are commonly known as secret keys. A secret key is often known by multiple entities that may share or own the secret key, although it is not uncommon for a key to be generated, owned, and used by a single entity, such as for secure storage.
A secret key should be generated by one or more of the entities that will share the key, or a trusted party that provides the key to the intended sharing entities in a secure manner. The trusted party must be trusted by all entities that will share the key not to disclose the key to unauthorized parties or otherwise misuse the key.
Publications that include recommendations for the generation of keys for symmetric applications are included in the reference section below.
For More Information
The following publications are related to methods for the management of cryptography. For information about these NIST standards and guidelines, as well as other security-related publications, see here.
Federal Information Processing Standard (FIPS) 140-2, Security Requirements for Cryptographic Modules(The Implementation Guidance for FIPS PUB 140-2 and information about the Cryptographic Module Validation Program is available here.

• 对称密钥算法的密钥生成

  对称密钥算法使用相同的密钥将提供信息加密保护以及删除或验证保护。与对称密钥算法一起使用的密钥必须仅由授权应用、删除或验证保护的实体知道, 并且通常称为秘密密钥。秘密密钥通常由可能共享或拥有秘密密钥的多个实体所知道, 尽管由单个实体 (如安全存储) 生成、拥有和使用密钥的情况并不少见。
  秘密密钥应由一个或多个共享密钥的实体生成, 或由以安全方式向预期共享实体提供密钥的受信任方生成。将共享密钥的所有实体都必须信任受信任方, 以免向未经授权的当事方披露密钥或以其他方式滥用密钥。
  下面的参考部分中包含了有关为对称应用程序生成密钥的建议的发布。
  有关详细信息, 以下出版物与密码学管理方法有关。有关这些 nist 标准和准则以及其他与安全有关的出版物的信息, 请参见此处。
  联邦信息处理标准 (fips) 140-2, 加密模块的安全要求 (fips pub 140-2 的实施指南和有关加密模块验证程序的信息, 请参见此处

FIPS 180-4, Secure Hash Standard (SHS)
FIPS 186-3, Digital Signature Standard (DSS)
FIPS 197, Advanced Encryption Standard (AES)
FIPS 198-1, Keyed-Hash Message Authentication Code (HMAC)
Special Publication (SP) 800-38A, Recommendation for Block Cipher Modes of Operation - Methods and Techniques
SP 800-38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
SP 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping
SP 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-56B, Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography
SP 800-56C, Recommendation for Key Derivation through Extraction-then-Expansion,
SP 800-57, Part 1, Recommendation for Key Management: General (Revision 3)
SP 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators
SP 800-90B, Draft Recommendation for the Entropy Sources Used for Random Bit Generation
SP 800-90C, Draft Recommendation for Random Bit Generator (RBG) Constructions
SP 800-108, Recommendation for Key Derivation Using Pseudorandom Functions (Revised)
SP 800-131A, Recommendation for the Transitioning of Cryptographic Algorithms and Key Lengths
SP 800-132, Recommendation for Password-Based Key Derivation, Part 1: Storage Applications
SP 800-135, Recommendation for Existing Application-Specific Key Derivation Function Information about NIST’s information security programs is available from the Computer Security Resource Center here.
ITL Bulletin Publisher:
Elizabeth Lennon, Writer/Editor
Information Technology Laboratory
National Institute of Standards and Technology
Email elizabeth.lennon@nist.gov
Disclaimer
Any mention of commercial products or reference to commercial organizations is for information only; it does not imply recommendation or endorsement by NIST nor does it imply that the products mentioned
are necessarily the best available for the purpose.
fips 180-4, 安全哈希标准 (shs)
fips 186-3, 数字签名标准 (dss)
fips 197, 高级加密标准 (aes)
fips 198-1, 键击消息身份验证代码 (hmac)
特别出版物 (sp) 800-38A, 关于块密码操作模式的建议-方法和技术
sp 800-38B, 关于块密码操作模式的建议: cmac 身份验证模式
sp 800-38F, 关于块密码操作模式的建议: 密钥包装方法 sp 800-56A, 使用离散对数密码学建立 pair-wise 密钥建立方案的建议
sp 800-56B, 关于使用整数分解密码学建立对明智的密钥的建议
sp 800-56C, 通过拉伸当时扩展进行密钥派生的建议, sp 800-57, 第1部分, 关键管理建议: 一般 (修订版 3)
sp 800-67, 关于三重数据加密算法 (tdea) 块密码 sp 800-90A 的建议, 关于使用确定性随机比特生成器生成随机数的建议
sp 800-90B, 用于随机位生成的熵源的建议草案 sp 800-90B, 随机位生成器 (rbg) 构造的建议草案
sp 800-108, 关于使用伪随机函数进行密钥派生的建议 (修订) sp 8–131a, 关于密码算法和关键长度转换的建议
sp 800-132, 关于基于密码的密钥派生的建议, 第1部分: 存储应用程序
sp 800-135, 关于现有应用程序特定密钥派生函数的建议有关 nist 的信息安全程序的信息, 可在这里的计算机安全资源中心获得。
ITL发布者:
elizabeth lennon, 作家/编辑
信息技术实验室
美国国家标准与技术研究所
电邮 elizabeth.lennon@nist.gov

免责声明任何提及商业产品或提及商业组织仅供参考;它并不意味着 nist 的推荐或认可, 也不意味着所提及的产品必然是最适合这一目的的产品。

本文标签： 密钥密码Nist