This part of GB/T 17901 defines the requirements for key management mechanisms based on asymmetric cryptography, key derivation functions, remainder multiplication, key commitment, key confirmation, the key management framework, key agreement, key transfer, and public key delivery.

This part is intended to achieve the following purposes:
a) Establish a shared key through key agreement, for symmetric encryption between entity A and entity B. In a key agreement mechanism, the key is calculated from the data exchanged between entity A and entity B, and neither entity can predetermine the value of the shared key.
b) Establish a shared key through key transfer, for symmetric encryption between entity A and entity B. In a key transfer mechanism, the key is selected by entity A and passed to entity B under the protection of asymmetric cryptographic techniques.
c) Pass the public key of entity A to other entities through key transfer. In a public key transfer mechanism, the public key of entity A is passed to other entities after being authenticated, but it does not need to be kept secret.

Some mechanisms defined in this part are based on the corresponding authentication mechanisms in GB/T 15843.3-2016.

This part does not cover the following key management content:
a) Key lifetime management;
b) Mechanisms for generating or determining asymmetric key pairs;
c) Mechanisms for key storage, archiving, deletion and the like.

This part applies to the development of systems that use asymmetric techniques to achieve key management, and can also guide the detection of such systems.

Note: The mechanisms defined in this part do not involve the distribution of an entity's private key, and key exchange messages are signed using a public key signature system.
GB/T 17901.3-2021 Referenced Document
GB/T 15843.3-2016 Information technology. Security techniques. Entity authentication. Part 3: Mechanisms using digital signature techniques
GB/T 17901.3-2021 History
2021: GB/T 17901.3-2021 Information technology—Security techniques—Key management—Part 3: Mechanisms using asymmetric techniques