Public Key Cryptography Standards (PKCS):
The PKCS model was initially developed by RSA Laboratories. The main purpose of PKCS is to standardize Public Key Infrastructure (PKI). The standardization covers many aspects, such as formatting, algorithms and APIs. This helps organizations develop and implement interoperable PKI solutions, rather than each choosing its own standard.
| Standard | Purpose | Details |
|---|---|---|
| PKCS#1 | RSA Encryption Standard | Defines the basic formatting rules for RSA public key functions, more specifically the digital signature. It defines how digital signatures should be calculated, including the structure of the data to be signed as well as the format of the signature. The standard also defines the syntax for RSA private and public keys. |
| PKCS#2 | RSA Encryption Standard for Message Digests | This standard outlined the message digest calculation. However, it is now merged with PKCS#1 and does not have an independent existence. |
| PKCS#3 | Diffie-Hellman Key Agreement Standard | Defines a mechanism to implement the Diffie-Hellman Key Agreement protocol. |
| PKCS#4 | NA | Merged with PKCS#1 |
| PKCS#5 | Password Based Encryption (PBE) | Describes a method for encrypting an octet string with a symmetric key. The symmetric key is derived from a password. |
| PKCS#6 | Extended Certificate Syntax Standard | Defines syntax for extending the basic attributes of an X.509 digital certificate. |
| PKCS#7 | Cryptographic Message Syntax Standard | Specifies a format/syntax for data that is the result of a cryptographic operation. Examples of this are digital signatures and digital envelopes. This standard provides many formatting options, such as messages that are only signed, only enveloped, signed and enveloped, etc. |
| PKCS#8 | Private Key Information Standard | Describes the syntax for private key information (i.e. the algorithm and attributes used to generate the private key). |
| PKCS#9 | Selected Attribute Types | Defines selected attribute types for use in PKCS#6 extended certificates (e.g. email address, unstructured name and address). |
| PKCS#10 | Certificate Request Syntax Standard | Defines syntax for requesting digital certificates. A certificate request contains a Distinguished Name (DN) and public key. |
| PKCS#11 | Cryptographic Token Interface Standard | This standard, also called Cryptoki, specifies an API for single-user devices that contain cryptographic information, such as private keys and digital certificates. These devices are also capable of performing cryptographic functions. Smart cards are examples of such devices. |
| PKCS#12 | Personal Information Exchange Syntax Standard | Defines syntax for personal identity information, such as private keys, digital certificates, etc. This allows users to transfer their certificates and other personal identity information from one device to another, using a standard mechanism. |
| PKCS#13 | Elliptic Curve Cryptography Standard | Currently under development, this standard deals with a new cryptographic mechanism called Elliptic Curve Cryptography. |
| PKCS#14 | Pseudo-Random Number Generation Standard | Currently under development, this standard will specify the requirements and process of random number generation. Since random numbers are extensively used in cryptography, standardizing their generation is important. |
| PKCS#15 | Cryptographic Token Information Syntax Standard | Defines a standard for cryptographic tokens, so that they can interoperate. |