标准摘要
[中文适用范围]: 本文件规定了五种经过身份验证的加密方法,即对数据字符串进行处理的定义方式,以实现以下安全目标:—— 数据保密性,即防止未经授权的数据泄露;—— 数据完整性,即保护接收方能够验证数据是否未被篡改;—— 数据来源认证,即保护接收方能够验证数据源的身份。本文件中规定的五种方法均基于块状加密算法,并要求数据保护的发送方和接收方共享该块状加密算法的秘密密钥。密钥管理超出本文件范围。有关密钥管理的技术在 ISO/IEC 11770(所有部分)中定义。本文件中的四种机制(即机制 3、4、5(仅限 AAD 变体)和 6),允许对不需要加密但需要保护其完整性的数据进行认证。也就是说,这些机制允许将要被保护的数据字符串分为两部分:D(要加密和完整性保护的部分)和 A(额外的认证数据,仅需完整性保护而无需加密)。在所有情况下,字符串 A 可以为空。注 解:例如,需要以未加密形式发送但需保护其完整性的数据类型包括地址、端口号、序列号、协议版本号和其他网络协议字段,这些字段指示明文如何处理、转发或处理。 [外文原描述]: This document specifies five methods for authenticated encryption, i.e. defined ways of processing a data string with the following security objectives: — data confidentiality, i.e. protection against unauthorized disclosure of data; — data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified; — data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator. All five methods specified in this document are based on a block cipher algorithm, and require the originator and the recipient of the protected data to share a secret key for this block cipher. Key management is outside the scope of this document. Key management techniques are defined in ISO/IEC 11770 (all parts). Four of the mechanisms in this document, namely mechanisms 3, 4, 5 (AAD variant only) and 6, allow data to be authenticated which is not encrypted. That is, these mechanisms allow a data string that is to be protected to be divided into two parts, D, the data string that is to be encrypted and integrity-protected, and A (the additional authenticated data) that is integrity-protected but not encrypted. In all cases, the string A can be empty. NOTE Examples of types of data that can need to be sent in unencrypted form, but whose integrity is to be protected, include addresses, port numbers, sequence numbers, protocol version numbers and other network protocol fields that indicate how the plaintext is to be handled, forwarded or processed.
英文名称Information security - Authenticated encryption