ASC/X9 - ANSI X9.44
Public-Key Cryptography for the Financial Services Industry Key Establishment Using Integer Factorization Cryptography
|Publication Date:||24 August 2007|
This Standard specifies key establishment schemes using public-key cryptography based on the integer factorization problem. Both key agreement and key transport schemes are specified. The schemes may be used by two parties to transport or agree on shared keying material (see Note 1). The keying material may be used to provide other cryptographic services that are outside the scope of this Standard, e.g. data confidentiality, data integrity, and symmetric-key-based key establishment. The key pair generators may be used in other Standards based on the integer factorization problem.
The Standard also specifies key pair generators and corresponding key pair validation methods supporting the key establishment schemes. (See Note 2) The key pair generators may also be used to produce key pairs for other schemes (e.g., digital signature schemes) based on the integer factorization problem, and the key pair validation methods may likewise be used to validate such key pairs.
This version of the Standard is limited to key establishment schemes and key pair generators and validation methods based on the RSA public-key cryptosystem , and are intended to reflect and guide current industry practice. Future versions may include schemes based on other types of integer factorization cryptography (see Note 3) and/or additional schemes with different attributes (see Note 4).
1. The keying material established by these schemes is assumed to be secret. Key establishment schemes may also be defined for establishing non-secret values securely (e.g., for distributing a public key with integrity protection, as in a certificate). Such schemes are not considered in this Standard.
2. A key pair validation method determines whether a candidate public-key/private-k
3. Forms of integer factorization cryptography that are supported in other standards documents include the Rabin-Williams cryptosystem , ESIGN , and the Okamoto-Uchiyama cryptosystem . Rabin-Williams is supported in ANS X9.31 and IEEE Std 1363-2000 , and the others are in IEEE Std 1363a-2004 .
4. The schemes in this Standard were selected with two primary purposes: to allow compatibility with current industry practice, where appropriate, and to offer enhancements to current industry practice that provide greater security assurance. The set of attributes offered by the schemes is thus limited when compared to the full portfolio of schemes in integer factorization cryptography, as well as what is available in ASC X9 standards for other families of public-key cryptography.
5. The key establishment schemes specified in this Standard involve general constructions with underlying components specific to integer factorization cryptography. For other purposes, underlying components from finite field DLC (discrete logarithm cryptography) or elliptic curve DLC could also be employed in the constructions, though such use is outside the scope of this Standard.