NIST:生成安全密碼密鑰

https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=913043

ITL BULLETIN FOR DECEMBER 2012

GENERATING SECURE CRYPTOGRAPHIC KEYS:

• 生成安全密碼密鑰

A CRITICAL COMPONENT OF CRYPTOGRAPHIC KEYMANAGEMENT AND THE PROTECTION OF SENSITIVE INFORMATION

Shirley Radack, Editor
Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
U.S. Department of Commerce

Cryptography provides strong protection for information technology (IT) systems, applications, and information, especially when information is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptographic methods can be used to maintain the confidentiality and integrity of information, verify that information was not changed after it was sent, and authenticate the originator of the information.
Cryptography relies upon two basic components: an algorithm (or cryptographic methodology) and a cryptographic key. The algorithm is a complex mathematical function for applying cryptographic protection (e.g.
, encrypting the data) and later reversing or verifying the process (e.g., decrypting the encrypted data), and the key is a parameter used by the function. Secure management of the cryptographic keys is critically important, since the security and reliability of cryptographic processes depend upon the strength of the keys, the effectiveness of the protocols associated with the keys, and the protection given to the keys.
加密技術(shù)為信息技術(shù) (it) 系統(tǒng)、應(yīng)用程序和信息提供了強(qiáng)大的保護(hù), 尤其是當(dāng)信息敏感、價(jià)值高或在信息傳輸及存儲(chǔ)期間容易受到未經(jīng)授權(quán)的披露或未被發(fā)現(xiàn)的修改時(shí)。加密方法可用于維護(hù)信息的機(jī)密性和完整性, 驗(yàn)證信息發(fā)送后沒有被更改, 并對(duì)信息的創(chuàng)建者進(jìn)行身份驗(yàn)證。
加密技術(shù)依賴于兩個(gè)基本組件: 算法 (或加密方法) 和加密密鑰。該算法是應(yīng)用加密保護(hù)的一個(gè)復(fù)雜的數(shù)學(xué)函數(shù) (例如: 加密數(shù)據(jù)), 然后反轉(zhuǎn)或驗(yàn)證過程 (例如, 解密加密的數(shù)據(jù)), 該密鑰是函數(shù)使用的參數(shù)。加密密鑰的安全管理至關(guān)重要, 因?yàn)榧用苓^程的安全性和可靠性取決于密鑰的強(qiáng)度、與密鑰相關(guān)的協(xié)議的有效性以及對(duì)密鑰的保護(hù)。

Federal Standards and Recommendations for the Secure Management of Cryptography
The Information Technology Laboratory of the National Institute of Standards and Technology (NIST) has developed Federal Information Processing Standards (FIPS) specifying cryptographic algorithms that are
approved for federal government use. In addition, NIST Special Publications (SPs) provide recommended practices that assist federal government organizations in applying cryptographic methods and in securely managing the cryptographic keys that are to be used with the approved cryptographic algorithms.
Another effort that helps organizations manage cryptographic keys effectively is the testing and validation of cryptographic modules, which contain the cryptographic algorithms and which are used in commercial
products and systems to provide security services. The testing and validation program established by NIST focuses on the validation of cryptographic modules and cryptographic algorithm implementations, accreditation of independent testing laboratories, and the development of test suitesfor the cryptographic algorithms. Many of these testing and validation activities are carried out in collaboration with industry and with other government organizations. See the For More Information section below for references to approved cryptographic algorithms, requirements for cryptographic modules, and the operation of the Cryptographic Module Validation Program (CMVP). In November, ITL issued a new guide, NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation, to help federal government organizations generate the cryptographic keys that are to be used with the approved cryptographic algorithms. The publication provides general background information on the generation of cryptographic keys, how and where the keys are generated, and requirements for the generation of keys that provide the security strengths needed by organizations to protect their information.

• 加密技術(shù)安全管理的聯(lián)邦標(biāo)準(zhǔn)和建議

  美國(guó)國(guó)家標(biāo)準(zhǔn)與技術(shù)研究所 (nist) 的信息技術(shù)實(shí)驗(yàn)室開發(fā)了聯(lián)邦信息處理標(biāo)準(zhǔn) (fips), 具體規(guī)定了經(jīng)批準(zhǔn)供聯(lián)邦政府使用的加密算法。此外, nist 特殊出版物 (sp) 還提供了建議的做法, 以協(xié)助聯(lián)邦政府組織應(yīng)用加密方法和安全地管理將與批準(zhǔn)的加密一起使用的加密密鑰算法。
  幫助組織有效管理加密密鑰的另一項(xiàng)工作是測(cè)試和驗(yàn)證加密模塊, 這些模塊包含加密算法, 并用于商業(yè)產(chǎn)品和系統(tǒng)中, 以提供安全服務(wù).nist 建立的測(cè)試和驗(yàn)證程序側(cè)重于加密模塊和加密算法實(shí)現(xiàn)的驗(yàn)證、獨(dú)立測(cè)試實(shí)驗(yàn)室的認(rèn)證以及測(cè)試課程的開發(fā)。加密算法。其中許多測(cè)試和驗(yàn)證活動(dòng)是與工業(yè)界和其他政府組織合作進(jìn)行的。 有關(guān)已批準(zhǔn)的加密算法、加密模塊要求以及加密模塊驗(yàn)證程序 (cmvp) 的操作的參考, 請(qǐng)參閱下面的 “詳細(xì)信息” 部分。 11月, ITL發(fā)布了一份新的指南, 即 nist 特別出版物 800-133：《加密密鑰生成建議》, 以幫助聯(lián)邦政府組織生成與被批準(zhǔn)的加密算法一起使用的加密密鑰。該出版物提供了關(guān)于加密密鑰生成、密鑰生成方式和位置的一般背景信息, 以及密鑰生成要求，這些要求可提供組織保護(hù)其信息所需的安全強(qiáng)度。

NIST Special Publication 800-133, Recommendation for Cryptographic Key Generation
NIST SP 800-133, which was written by Elaine Barker and Allen Roginsky of NIST, discusses technical methods covering the generation of keys using the output of a random bit generator, the derivation of a key from another key, the derivation of a key from a password, and the key agreement process performed by two entities using an approved key-agreement scheme.
SP 800-133 recommends methods for the generation of key pairs for asymmetric algorithms and of keys for symmetric algorithms. Included in the publication are definitions, explanations of acronyms and symbols, and references to standards and to recommendations for the secure
implementation of cryptographic algorithms and the effective management of cryptographic keys.
Recommendation for Cryptographic Key Generation is available here.

• nist 特別出版物 800-133, 關(guān)于加密密鑰生成的建議

  nist sp 800-133, 由 nist 的 elaine barker 和 allen roginsky 編寫, 討論了使用隨機(jī)位生成器的輸出生成密鑰的技術(shù)方法, 從另一個(gè)密鑰派生一個(gè)鍵, 從密碼派生一個(gè)密鑰, 以及兩個(gè)實(shí)體使用已批準(zhǔn)的密鑰協(xié)議方案執(zhí)行的關(guān)鍵協(xié)議過程。
  sp 800133 推薦了用于生成非對(duì)稱算法的密鑰對(duì)和用于對(duì)稱算法的密鑰的方法。該出版物包括定義、首字母縮寫詞和符號(hào)的解釋, 以及對(duì)標(biāo)準(zhǔn)和關(guān)于加密算法的安全實(shí)施和加密密鑰的有效管理的建議的參考。
  有關(guān)加密密鑰生成的建議可在此處找到。

Cryptographic Algorithms and Keys
A cryptographic algorithm and a key are used to provide a number of cryptographic services, including encrypting data, generating a digital signature, decrypting encrypted data, and verifying a digital signature. Other cryptographic services include generating challenges, random numbers, and Message Authentication Codes (MACs).
In secret-key cryptography, two or more parties share the same key, which is used to encrypt and decrypt data. The key must be kept secret, and the parties who share a key rely upon each other not to disclose the key and to protect it against modification. Public key cryptography uses a pair of keys for each party: one is public and the other is private. The public key can be made known to other parties; the private key must be kept confidential and must be known only to its owner. Both keys, however, need to be protected against modification. Public key cryptography is used to generate and verify digital signatures to provide assurance to a receiver that a given message was sent by the claimed sender, or to establish symmetric keys between parties that do not share such keys for protecting sensitive information.
Keys may be established through techniques that are based on asymmetric or public key algorithms, or through techniques that are based on symmetric or secret key algorithms. Hybrid techniques are also commonly used in the key-generating process by applying public key techniques to establish symmetric or secret keys, which are then used to establish other symmetric or secret keys or to protect sensitive information.

• 加密算法和密鑰

  加密算法和密鑰用于提供多種加密服務(wù), 包括加密數(shù)據(jù)、生成數(shù)字簽名、解密加密數(shù)據(jù)和驗(yàn)證數(shù)字簽名等。其他加密服務(wù)包括生成挑戰(zhàn)、隨機(jī)數(shù)和消息身份驗(yàn)證代碼 (mac)。
  在密鑰加密中, 兩個(gè)或多個(gè)參與方共享相同的密鑰, 用于對(duì)數(shù)據(jù)進(jìn)行加密和解密。鑰匙必須保密, 共享鑰匙的當(dāng)事人相互依靠對(duì)方不披露鑰匙, 保護(hù)鑰匙不被修改。 公鑰加密為每一方使用一對(duì)密鑰: 一個(gè)是公共密鑰, 另一個(gè)是私有密鑰。公鑰可以向其他各方公布;私鑰必須保密, 并且必須只向其所有者知曉。但是, 這兩個(gè)鍵都需要保護(hù)以防止修改。公鑰加密用于生成和驗(yàn)證數(shù)字簽名, 以便向接收方保證給定的消息是由聲明的發(fā)送方發(fā)送的, 或者在不共享此類密鑰以保護(hù)敏感信息的各方之間建立對(duì)稱密鑰信息。
  密鑰可以通過基于非對(duì)稱或公鑰算法的技術(shù)來(lái)建立, 也可以通過基于對(duì)稱或密鑰算法的技術(shù)來(lái)建立?；旌霞夹g(shù)也通常用于密鑰生成過程中, 方法是應(yīng)用公鑰技術(shù)來(lái)建立對(duì)稱或密鑰, 然后用于建立其他對(duì)稱或密鑰或保護(hù)敏感信息。

Summary of NIST Recommendations for Cryptographic Key Generation
NIST SP 800-133 specifies the methods for the computation, establishment, and distribution of key pairs in accordance with existing standards and recommendations. See the online version of the publication for detailed information about implementing the recommendations for the generation of secure cryptographic keys.
Key generation techniques.
Keys can be generated through a variety of techniques: the generation of a key using the output of a random bit generator (RBG), the derivation of a key from another key, the derivation of a key from a password, and a key agreement performed by two entities using an approved key-agreement scheme. SP 800-133 specifies that federal organizations base the generation of their cryptographic keys directly or indirectly on the output of an approved random bit generator. Keys that are derived during a key-agreement transaction, derived from another key using a key derivation function, or derived from a password for storage applications are considered to be indirectly generated from an RBG, since the key used in the generation of another key or the random value used to generate a key-agreement key pair was obtained directly from the output of an approved RBG. Cryptographic keys needed by federal organizations are to be generated within tested and validated cryptographic modules. Random values required for key generation must be generated within the module that generates the key. The RBG should provide the security strengths that the implementing organization needs to protect its information. NIST publications that provide recommendations covering the techniques for the generation of keys using RBGs are included in the list of publications below.
Generation of key pairs for asymmetric algorithms.
Asymmetric-key algorithms, also known as public-key algorithms, require the use of asymmetric key pairs, consisting of a private key and a corresponding public key. The key to be used for each operation depends on the cryptographic process being performed; for example, digital-signature generation requires the use of a private key, while signature verification requires the use of the corresponding public key. Each public/private key pair is associated with only one entity; this entity is known as the key-pair owner. The public key may be known by anyone, but the private key must be known and used only by the key-pair owner. Key pairs are generated by either the key-pair owner or by a trusted party that will provide the key pair to the owner in a secure manner. The trusted party must be trusted by all parties that use the public key. One use of asymmetric keys is the generation of digital signatures. Digital signatures are generated on data to provide origin authentication, assurance of data integrity, or signatory non-repudiation. Digital signatures are generated by a signer using a private key, and verified by a receiver using a public key. Publications that include recommendations for the generation of key pairs for asymmetric applications are included in the reference section below.

• 關(guān)于加密密鑰生成的 nist 建議摘要

  nist sp 800-133 根據(jù)現(xiàn)有標(biāo)準(zhǔn)和建議指定了密鑰對(duì)的計(jì)算、建立和分發(fā)方法。有關(guān)實(shí)現(xiàn)生成安全加密密鑰的建議的詳細(xì)信息, 請(qǐng)參閱出版物的聯(lián)機(jī)版本。

• 關(guān)鍵生成技術(shù)

  密鑰可以通過多種技術(shù)生成: 使用隨機(jī)位生成器 (rbg) 的輸出生成密鑰, 從另一個(gè)密鑰派生密鑰, 從密碼派生密鑰, 以及由兩個(gè)實(shí)體使用批準(zhǔn)執(zhí)行的密鑰協(xié)議d 密鑰協(xié)議計(jì)劃。sp 800-133 指定聯(lián)邦組織直接或間接地根據(jù)批準(zhǔn)的隨機(jī)位生成器的輸出生成其加密密鑰。在密鑰協(xié)議事務(wù)期間派生的密鑰、從使用密鑰派生函數(shù)的另一個(gè)鍵派生的密鑰, 或從存儲(chǔ)應(yīng)用程序的密碼派生的密鑰被視為間接從 rbg 生成的, 因?yàn)樵谏闪硪粋€(gè)鍵或用于生成密鑰協(xié)議密鑰對(duì)的隨機(jī)值直接從批準(zhǔn)的 rbg 輸出中獲得。聯(lián)邦組織所需的加密密鑰將在經(jīng)過測(cè)試和驗(yàn)證的加密模塊中生成。密鑰生成所需的隨機(jī)值必須在生成密鑰的模塊中生成。成果預(yù)算制應(yīng)提供執(zhí)行組織保護(hù)其信息所需的安全優(yōu)勢(shì)。nist 出版物提供了關(guān)于使用 rbg 生成密鑰的技術(shù)的建議, 這些出版物列于以下出版物列表中。

• 非對(duì)稱算法密鑰對(duì)的生成

  非對(duì)稱密鑰算法, 也稱為公鑰算法, 需要使用非對(duì)稱密鑰對(duì), 包括私鑰和相應(yīng)的公鑰。要用于每個(gè)操作的密鑰取決于所執(zhí)行的加密過程;例如, 數(shù)字簽名生成需要使用私鑰, 而簽名驗(yàn)證需要使用相應(yīng)的公鑰。 每個(gè)公鑰對(duì)只與一個(gè)實(shí)體關(guān)聯(lián);此實(shí)體稱為密鑰對(duì)所有者。公鑰可能為任何人所知, 但私鑰必須僅由密鑰對(duì)所有者知道和使用。密鑰對(duì)是由密鑰對(duì)所有者或受信任方生成的, 將以安全的方式向所有者提供密鑰對(duì)。受信任的一方必須得到使用公鑰的所有各方的信任。非對(duì)稱密鑰的一種用途是生成數(shù)字簽名。在數(shù)據(jù)上生成數(shù)字簽名, 以提供原產(chǎn)地認(rèn)證、數(shù)據(jù)完整性保證或簽名不可否認(rèn)性。數(shù)字簽名由簽名者使用私鑰生成, 并由使用公鑰的接收方進(jìn)行驗(yàn)證。下面的參考部分包含有關(guān)為非對(duì)稱應(yīng)用程序生成密鑰對(duì)的建議的出版物。

Generation of keys for symmetric key algorithms.
Symmetric-key algorithms use the same key to both apply cryptographic protection to information and to remove or verify the protection. Keys used with symmetric-key algorithms must be known only by the entities authorized to apply, remove, or verify the protection, and are commonly known as secret keys. A secret key is often known by multiple entities that may share or own the secret key, although it is not uncommon for a key to be generated, owned, and used by a single entity, such as for secure storage.
A secret key should be generated by one or more of the entities that will share the key, or a trusted party that provides the key to the intended sharing entities in a secure manner. The trusted party must be trusted by all entities that will share the key not to disclose the key to unauthorized parties or otherwise misuse the key.
Publications that include recommendations for the generation of keys for symmetric applications are included in the reference section below.
For More Information
The following publications are related to methods for the management of cryptography. For information about these NIST standards and guidelines, as well as other security-related publications, see here.
Federal Information Processing Standard (FIPS) 140-2, Security Requirements for Cryptographic Modules(The Implementation Guidance for FIPS PUB 140-2 and information about the Cryptographic Module Validation Program is available here.

• 對(duì)稱密鑰算法的密鑰生成

  對(duì)稱密鑰算法使用相同的密鑰將提供信息加密保護(hù)以及刪除或驗(yàn)證保護(hù)。與對(duì)稱密鑰算法一起使用的密鑰必須僅由授權(quán)應(yīng)用、刪除或驗(yàn)證保護(hù)的實(shí)體知道, 并且通常稱為秘密密鑰。秘密密鑰通常由可能共享或擁有秘密密鑰的多個(gè)實(shí)體所知道, 盡管由單個(gè)實(shí)體 (如安全存儲(chǔ)) 生成、擁有和使用密鑰的情況并不少見。
  秘密密鑰應(yīng)由一個(gè)或多個(gè)共享密鑰的實(shí)體生成, 或由以安全方式向預(yù)期共享實(shí)體提供密鑰的受信任方生成。將共享密鑰的所有實(shí)體都必須信任受信任方, 以免向未經(jīng)授權(quán)的當(dāng)事方披露密鑰或以其他方式濫用密鑰。
  下面的參考部分中包含了有關(guān)為對(duì)稱應(yīng)用程序生成密鑰的建議的發(fā)布。
  有關(guān)詳細(xì)信息, 以下出版物與密碼學(xué)管理方法有關(guān)。有關(guān)這些 nist 標(biāo)準(zhǔn)和準(zhǔn)則以及其他與安全有關(guān)的出版物的信息, 請(qǐng)參見此處。
  聯(lián)邦信息處理標(biāo)準(zhǔn) (fips) 140-2, 加密模塊的安全要求 (fips pub 140-2 的實(shí)施指南和有關(guān)加密模塊驗(yàn)證程序的信息, 請(qǐng)參見此處

FIPS 180-4, Secure Hash Standard (SHS)
FIPS 186-3, Digital Signature Standard (DSS)
FIPS 197, Advanced Encryption Standard (AES)
FIPS 198-1, Keyed-Hash Message Authentication Code (HMAC)
Special Publication (SP) 800-38A, Recommendation for Block Cipher Modes of Operation - Methods and Techniques
SP 800-38B, Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
SP 800-38F, Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping
SP 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
SP 800-56B, Recommendation for Pair-Wise Key Establishment Using Integer Factorization Cryptography
SP 800-56C, Recommendation for Key Derivation through Extraction-then-Expansion,
SP 800-57, Part 1, Recommendation for Key Management: General (Revision 3)
SP 800-67, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators
SP 800-90B, Draft Recommendation for the Entropy Sources Used for Random Bit Generation
SP 800-90C, Draft Recommendation for Random Bit Generator (RBG) Constructions
SP 800-108, Recommendation for Key Derivation Using Pseudorandom Functions (Revised)
SP 800-131A, Recommendation for the Transitioning of Cryptographic Algorithms and Key Lengths
SP 800-132, Recommendation for Password-Based Key Derivation, Part 1: Storage Applications
SP 800-135, Recommendation for Existing Application-Specific Key Derivation Function Information about NIST’s information security programs is available from the Computer Security Resource Center here.
ITL Bulletin Publisher:
Elizabeth Lennon, Writer/Editor
Information Technology Laboratory
National Institute of Standards and Technology
Email elizabeth.lennon@nist.gov
Disclaimer
Any mention of commercial products or reference to commercial organizations is for information only; it does not imply recommendation or endorsement by NIST nor does it imply that the products mentioned
are necessarily the best available for the purpose.
fips 180-4, 安全哈希標(biāo)準(zhǔn) (shs)
fips 186-3, 數(shù)字簽名標(biāo)準(zhǔn) (dss)
fips 197, 高級(jí)加密標(biāo)準(zhǔn) (aes)
fips 198-1, 鍵擊消息身份驗(yàn)證代碼 (hmac)
特別出版物 (sp) 800-38A, 關(guān)于塊密碼操作模式的建議-方法和技術(shù)
sp 800-38B, 關(guān)于塊密碼操作模式的建議: cmac 身份驗(yàn)證模式
sp 800-38F, 關(guān)于塊密碼操作模式的建議: 密鑰包裝方法 sp 800-56A, 使用離散對(duì)數(shù)密碼學(xué)建立 pair-wise 密鑰建立方案的建議
sp 800-56B, 關(guān)于使用整數(shù)分解密碼學(xué)建立對(duì)明智的密鑰的建議
sp 800-56C, 通過拉伸當(dāng)時(shí)擴(kuò)展進(jìn)行密鑰派生的建議, sp 800-57, 第1部分, 關(guān)鍵管理建議: 一般 (修訂版 3)
sp 800-67, 關(guān)于三重?cái)?shù)據(jù)加密算法 (tdea) 塊密碼 sp 800-90A 的建議, 關(guān)于使用確定性隨機(jī)比特生成器生成隨機(jī)數(shù)的建議
sp 800-90B, 用于隨機(jī)位生成的熵源的建議草案 sp 800-90B, 隨機(jī)位生成器 (rbg) 構(gòu)造的建議草案
sp 800-108, 關(guān)于使用偽隨機(jī)函數(shù)進(jìn)行密鑰派生的建議 (修訂) sp 8–131a, 關(guān)于密碼算法和關(guān)鍵長(zhǎng)度轉(zhuǎn)換的建議
sp 800-132, 關(guān)于基于密碼的密鑰派生的建議, 第1部分: 存儲(chǔ)應(yīng)用程序
sp 800-135, 關(guān)于現(xiàn)有應(yīng)用程序特定密鑰派生函數(shù)的建議有關(guān) nist 的信息安全程序的信息, 可在這里的計(jì)算機(jī)安全資源中心獲得。
ITL發(fā)布者:
elizabeth lennon, 作家/編輯
信息技術(shù)實(shí)驗(yàn)室
美國(guó)國(guó)家標(biāo)準(zhǔn)與技術(shù)研究所
電郵 elizabeth.lennon@nist.gov

免責(zé)聲明任何提及商業(yè)產(chǎn)品或提及商業(yè)組織僅供參考;它并不意味著 nist 的推薦或認(rèn)可, 也不意味著所提及的產(chǎn)品必然是最適合這一目的的產(chǎn)品。

總結(jié)

以上是生活随笔為你收集整理的NIST:生成安全密码密钥的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。