IBM Computer Hardware 2 User Manual Page 459
- Page / 508
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
CCA Release 2.54
Formatting Hashes and Keys in Public-Key Cryptography
The Digital_Signature_Generate and Digital_Signature_Verify verbs support several
methods for formatting a hash, and in some cases a descriptor for the hashing
method, into a bit-string to be processed by the cryptographic algorithm. This
section discusses the ANSI X9.31 and PKCS #1 methods. The ISO 9796-1
method can be found in the ISO standard.
This section also describes the PKCS #1, version 1, 1.5, and 2.0, methods for
placing a key in a bit string for RSA ciphering as part of a key exchange.
ANSI X9.31 Hash Format
With ANSI X9.31, the string that is processed by the RSA algorithm is formatted by
the concatenation of a header, padding, the hash and a trailer, from the most
significant bit to the least significant bit, such that the resulting string is the same
length as the modulus of the key. For the CCA implementation, the modulus length
must be a multiple of 8 bits.
The header consists of X'6B'
The padding consists of X'BB', repeated as many times as required, and
terminated by X'BA'
The hash value follows the padding
The trailer consists of a hashing mechanism specifier and final byte. These
specifiers are defined:
–X'31': RIPEMD-160
–X'32': RIPEMD-128
–X'33': SHA-1
A final byte of X'CC'.
PKCS #1 Formats
Version 2.0 of the PKCS #1 standard
4
defines methods for formatting keys and
hashes prior to RSA encryption of the resulting data structures. The earlier
versions of the PKCS #1 standard defined “block types” 0, 1, and 2, but in the
current standard that terminology is dropped.
The CCA products described in this book implement these processes using the
terminology of the Version 2.0 standard:
For formatting keys for secured transport:
– RSAES-OAEP, the preferred method for key-encipherment
5
when
exchanging DATA keys between systems. In CCA, keyword PKCSOAEP
is used to invoke this formatting technique. The “P” parameter described in
the standard is not used and its length is set to zero.
– RSAES-PKCS1-v1_5, is an older method for formatting keys. In CCA,
keyword PKCS-1.2 is used to invoke this formatting technique.
For formatting hashes for digital signatures:
4
PKCS standards can be retrieved from http://www.rsasecurity.com/rsalabs/pkcs.
5
The PKA92 method and the method incorporated into the SET standard are other examples of the OAEP technique. The “OAEP”
technique is attributed to Bellare and Rogaway and stands for “Optimal Asymmetric Encryption Padding.”
Appendix D. Algorithms and Processes
D-19
- Release 2.54 1
- IBM iSeries PCICC Feature 1
- Contents 3
- CCA Release 2.54 10
- Trademarks 13
- About This Publication 15
- Release 2.52 16
- Release 2.51 16
- Release 2.41 17
- About This Publication xix 19
- Organization 22
- Related Publications 23
- Cryptography Publications 23
- Overlapped Processing 31
- CCA Access-Control 40
- Understanding Access Control 40
- Role-Based Access Control 40
- Understanding Roles 41
- Understanding Profiles 42
- Logging On and Logging Off 45
- Multi-Coprocessor Capability 48
- Establishing Master Keys 51
- Logon_Control (CSUALCT) 90
- Master_Key_Process (CSNBMKP) 97
- Related Information 100
- Random_Number_Tests (CSUARNT) 102
- Restrictions 102
- Parameters 102
- Required Commands 103
- Chapter 3. RSA Key-Management 105
- Key Generation 106
- Key Import 108
- Using the PKA Keys 109
- Extracting a Public Key 110
- PKA_Key_Generate (CSNDPKG) 111
- PKA_Key_Import (CSNDPKI) 115
- PKA_Key_Token_Build (CSNDPKB) 118
- CCA Release 2.54 122
- Digital Signatures 136
- MDC_Generate (CSNBMDG) 144
- One_Way_Hash (CSNBOWH) 147
- Chapter 5. DES Key-Management 151
- Control Vectors 154
- Key Types 155
- Key-Usage Restrictions 156
- Key Tokens 162
- Key Labels 164
- Key Identifiers 164
- Installing and Verifying Keys 165
- Generating Keys 166
- Diversifying Keys 169
- Storing Keys in Key Storage 170
- Security Precautions 171
- Clear_Key_Import (CSNBCKI) 172
- Data_Key_Export (CSNBDKX) 181
- Data_Key_Import (CSNBDKM) 183
- Key_Export (CSNBKEX) 192
- Key_Generate (CSNBKGN) 194
- Key-Length Specification 199
- Key_Import (CSNBKIM) 201
- CCA Release 2.54 Key_Import 203
- Key_Part_Import (CSNBKPI) 204
- Key_Test (CSNBKYT) 208
- Key_Token_Build (CSNBKTB) 211
- Key_Token_Change (CSNBKTC) 214
- Key_Token_Parse (CSNBKTP) 216
- Key_Translate (CSNBKTR) 219
- PKA_Decrypt (CSNDPKD) 223
- PKA_Encrypt (CSNDPKE) 225
- PKA_Encrypt CCA Release 2.54 226
- Ensuring Data Confidentiality 243
- Ensuring Data Integrity 245
- Decipher (CSNBDEC) 247
- Decipher CCA Release 2.54 248
- Encipher (CSNBENC) 250
- CCA Release 2.54 Encipher 251
- MAC_Generate (CSNBMGN) 253
- MAC_Verify (CSNBMVR) 256
- Chapter 7. Key-Storage Verbs 259
- Key-Label Content 260
- DES_Key_Record_List (CSNBKRL) 265
- PKA_Key_Record_List (CSNDKRL) 273
- PKA_Key_Record_Read (CSNDKRR) 275
- Retained_Key_List (CSNDRKL) 280
- Processing Financial PINs 284
- PIN-Verb Summary 287
- Providing Security for PINs 288
- PIN Security 289
- PIN-Calculation Methods 290
- Data_Array 290
- PIN Profile 292
- PIN-Extraction Methods 294
- Working With EMV Smart Cards 295
- Clear_PIN_Encrypt (CSNBCPE) 297
- Clear_PIN_Generate (CSNBPGN) 300
- CVV_Generate (CSNBCSG) 309
- CVV_Verify (CSNBCSV) 312
- PIN_Change/Unblock (CSNBPCU) 334
- SET_Block_Compose (CSNDSBC) 348
- SET_Block_Decompose (CSNDSBD) 352
- Return Codes 361
- Reason Codes 361
- Return Code 0 362
- Return Code 4 363
- Return Code 8 364
- Return Code 12 370
- Return Code 16 371
- Appendix B. Data Structures 373
- Null Key-Token 374
- DES Key-Tokens 375
- External DES Key-Token 377
- RSA PKA Key-Tokens 378
- RSA Key-Token Sections 379
- PKA Key-Token Integrity 380
- Chaining-Vector Records 392
- Key-Storage Records 393
- Key_Record_List Data Set 397
- Role Structure 401
- Aggregate Role Structure 402
- Access-Control-Point List 402
- Default Role Contents 403
- Profile Structure 404
- Aggregate Profile Structure 405
- Authentication Data Structure 405
- User Profile 408
- Role Data Structure 411
- Aggregate Role Data Structure 412
- Function Control Vector 414
- Encryption 417
- Changing Control Vectors 432
- Mask Array Preparation 436
- Notation Used in Calculations 444
- MDC-1 Calculation 444
- MDC-2 Calculation 445
- MDC-4 Calculation 445
- Ciphering Methods 445
- ANSI X9.23 447
- MAC Calculation Methods 453
- RSA Key-Pair Generation 455
- Access-Control Algorithms 456
- ANSI X9.31 Hash Format 459
- PKCS #1 Formats 459
- PIN-Calculation Methods 462
- PIN-Block Formats 469
- 3624 PIN-Block Format 469
- ISO-0 PIN-Block Format 470
- ISO-1 PIN-Block Format 471
- ISO-2 PIN-Block Format 472
- UKPT Calculation Methods 473
- CVV and CVC Method 476
- PIN-Block Self-encryption 479
- Appendix F. Verb List 481
- List of Abbreviations 491
- Glossary 493
- Numerics 499
- PDF File 508
Related products and manuals for Software IBM Computer Hardware 2
Software IBM SG24-5131-00 User Manual
(240 pages)
(240 pages)
Software IBM AS/400 User Manual
(489 pages)
(489 pages)
Software IBM CISCO R2E2 User Manual
(110 pages)
(110 pages)
Software IBM NETCOOL 4.3-W User Manual
(516 pages)
(516 pages)
Software IBM Server OS/390 User Manual
(76 pages)
(76 pages)
Software IBM Switch 15 User Manual
(270 pages)
(270 pages)
Software IBM SC34-7012-01 User Manual
(268 pages)
(268 pages)
Software IBM SC41-5420-04 User Manual
(116 pages)
(116 pages)
Software IBM Transaction Server OS User Manual
(103 pages)
(103 pages)
Software IBM SC34-5764-01 User Manual
(481 pages)
(481 pages)
Software IBM TIVOLI SC32-0129-00 User Manual
(82 pages)
(82 pages)
Software IBM G325-2585-02 User Manual
(90 pages)
(90 pages)
Software IBM SG24-6526-00 User Manual
(184 pages)
(184 pages)
Software IBM SC33-1686-02 User Manual
(317 pages)
(317 pages)
Software IBM 5697-VM3 User Manual
(6 pages)
(6 pages)
Software IBM DS6000 User Manual
(406 pages)
(406 pages)
Software IBM CDI5UG1107 User Manual
(178 pages)
(178 pages)
Software IBM GC28-1982-02 User Manual
(216 pages)
(216 pages)
Software IBM 12.1(22)EA6 User Manual
(550 pages)
(550 pages)
© 2020, manymanuals.com. All rights reserved. | 0.129 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals