BS ISO IEC 18033-5 pdf download

BS ISO IEC 18033-5 pdf download.Information technology — Security techniques — Encryption algorithms
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 18033-1 and the following apply. 3.1 decryptor entity which decrypts ciphertexts 3.2 encryptor entity which encrypts plaintexts 3.3 hybrid encryption encryption performed using a hybrid cipher 3.4 identifier object that represents something and enables one to identify it 3.5 identity string string that represents an identity 3.6 identity-based cipher asymmetric cipher in which the encryption algorithm takes an arbitrary string as a public key 3.7 identity-based hybrid cipher cipher which is both a hybrid cipher and an identity-based cipher 3.8 identity-based key encapsulation mechanism key encapsulation mechanism for which the encryption process takes an arbitrary string as a public key 3.9 master-public key public value uniquely determined by the corresponding master-secret key 3.10 master-secret key secret value used by the private key generator to compute private keys for an IBE algorithm 3.11 private key extraction algorithm method used by the private key generator to compute private keys for an IBE algorithm 3.12 private key generator entity or function which generates a set of private keys 3.13 public key encryption encryption performed using an asymmetric cipher 3.14 string ordered sequence of symbols 3.15 set up process by which the system parameters for an IBE algorithm are selected 3.16 set up algorithm process which generates a master-secret key and the corresponding master-public key, together with some part of the system parameters 3.17 system parameters parameters for cryptographic computation including a selection of a particular cryptographic scheme or function from a family of cryptographic schemes or functions, or from a family of mathematical spaces 3.18 trusted third party security authority, or its agent, trusted by other entities with respect to security related activities
6 General model for identity-based encryption
6.1 Composition of algorithms An identity-based encryption scheme consists of the following four algorithms. IBE.Setup ( κ ) . Given a security parameter κ,generate a tuple parms, mpk, msk ,where parms denotes system parameters, msk denotes a master-secret key and mpk is the corresponding master-public key. IBE.Extract ( parms, mpk, msk, ID ) . Given a master-secret key msk, the corresponding master-public key mpk and an octet string ID with parms,generate a private key sk ID for ID. IBE.Enc ( parms, mpk, ID, L, Msg ) . Given a plaintext Msg,a label L and an octet string ID with parms and mpk,do the encryption and output the ciphertext of Msg, CT, for ID. Note that Msg, L and CT are octet strings. IBE.Dec ( parms, mpk, ID, sk ID , L, CT ) . Given a private key sk ID with parms, mpk, ID and L,decrypt a ciphertext CT and output the underlying plaintext. In general, the setup, key extraction and encryption algorithms are probabilistic algorithms, while the decryption algorithm is deterministic. It is recommended that applications establish a methodology for authenticating access to private keys by using the ID string as an identity in a trusted authentication system. The details of authenticating the key request are beyond the scope of this part of ISO/IEC 18033, but are critical for the security of an implemented application. NOTE 1 Semantic security against an adaptive chosen ciphertext attack [4] is regarded by the cryptographic research community as the appropriate security level that a general purpose IBE mechanism should satisfy. Each IBE mechanism described in this part of ISO/IEC 18033 satisfies this security level. The formal definition of this security notion is described in Annex B. NOTE 2 A basic requirement of any IBE mechanism is correctness.6.3 Use of labels A label is an octet string whose value is used by the encryption and decryption algorithms. It may contain public data that is implicit from context and need not be encrypted, but that should nevertheless be bound to the ciphertext. A label is an octet string that is meaningful to the application using the IBE scheme, and that is independent of the implementation of the IBE scheme. Three types of label length of IBE are defined as follows.