UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 6211

Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 April 2011
Status: active
Page Count: 11
scope:

Abstract

The Cryptographic Message Syntax (CMS), unlike X.509/PKIX certificates, is vulnerable to algorithm substitution attacks. In an algorithm substitution attack, the attacker changes either the algorithm being used or the parameters of the algorithm in order to change the result of a signature verification process. In X.509 certificates, the signature algorithm is protected because it is duplicated in the TBSCertificate.signature field with the proviso that the validator is to compare both fields as part of the signature validation process. This document defines a new attribute that contains a copy of the relevant algorithm identifiers so that they are protected by the signature or authentication process.

Document History

IETF RFC 6211
April 1, 2011
Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute
Abstract The Cryptographic Message Syntax (CMS), unlike X.509/PKIX certificates, is vulnerable to algorithm substitution attacks. In an algorithm substitution attack, the attacker changes either the...

References

This document references:
ITU-T X.680 - Information technology – Abstract Syntax Notation One (ASN.1): Specification of basic notation
Published by ITU-T on August 1, 2015
This Recommendation | International Standard provides a standard notation called Abstract Syntax Notation One (ASN.1) that is used for the definition of data types, values, and constraints on data...
This document references:
ITU-T X.683 - Information technology – Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications Technical Corrigendum 1
Published by ITU-T on May 1, 2018
A description is not available for this item.
This document references:
ITU-T X.682 - Information technology – Abstract Syntax Notation One (ASN.1): Constraint specification Technical Corrigendum 1
Published by ITU-T on October 1, 2017
A description is not available for this item.
This document references:
ITU-T X.681 - Information technology – Abstract Syntax Notation One (ASN.1): Information object specification
Published by ITU-T on August 1, 2015
This Recommendation | International Standard is part of Abstract Syntax Notation One (ASN.1) and provides notation for specifying information object classes, information objects and information...
This document is referenced by:
IETF RFC 7515 - JSON Web Signature (JWS)
Published by IETF on May 1, 2015
JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use...
This document is referenced by:
IETF RFC 8933 - Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection
Published by IETF on October 1, 2020
Abstract This document updates the Cryptographic Message Syntax (CMS) specified in RFC 5652 to ensure that algorithm identifiers in signed-data and authenticated-data content types are adequately...
This document is referenced by:
EN 319 122-1 - Electronic Signatures and Infrastructures (ESI); CAdES digital signatures; Part 1: Building blocks and CAdES baseline signatures
Published by ETSI on June 1, 2023
The present document specifies CAdES digital signatures. CAdES signatures are built on CMS signatures [7], by incorporation of signed and unsigned attributes, which fulfil certain common requirements...
This document is referenced by:
X9.73 - Cryptographic Message Syntax (CMS)
Published by ANSI on July 11, 2023
This standard specifies a cryptographic syntax scheme that can be used to protect financial transactions, files and other messages from unauthorized disclosure and modification. The cryptographic...
View Less
View All
Advertisement