ДСТУ ISO/IEC 18367:2018 Информационные технологии. Методы защиты. Тестирование соответствия криптографических алгоритмов и механизмов безопасности (ISO/IEC 18367:2016, IDT)

ДСТУ ISO/IEC 18367:2018
(ISO/IEC 18367:2016, IDT)

Інформаційні технології. Методи захисту. Тестування відповідності криптографічних алгоритмів і механізмів безпеки

 
   
 
 
     
Не є офіційним виданням.
Офіційне видання розповсюджує національний орган стандартизації
(ДП «УкрНДНЦ» http://uas.gov.ua)

Contents

Foreword

Introduction

1 Scope

2 Normative references

3 Terms and definitions

4 Symbols and abbreviated terms

5 Objectives

6 Types of cryptographic algorithms and security mechanisms from a conformance testing perspective

6.1 General

6.2 Asymmetric key algorithms

6.3 Digital signature

6.4 Digital signature with message recovery

6.5 Hashing algorithms

6.6 Key establishment mechanisms

6.7 Lightweight cryptography

6.8 Message authentication algorithms

6.9 Random bit generator algorithms

6.9.1 Deterministic random bit generator algorithms

6.9.2 Non-deterministic random bit generator algorithms

6.10 Symmetric key algorithms

6.10.1 Block cipher symmetric key algorithms

6.10.2 Stream cipher symmetric key algorithms

7 Conformance testing methodologies

7.1 Overview

7.2 Black box testing

7.2.1 General

7.2.2 Known-answer test vectors

7.2.3 Multi-block message testing

7.2.4 Monte Carlo or statistical testing

7.3 Glass box or white box testing

7.3.1 Source code inspection

7.3.2 Binary analysis

8 Levels of conformance testing

8.1 Introduction

8.2 Level of basic conformance testing

8.3 Level of moderate conformance

9 Conformance testing guidelines

9.1 General guidelines

9.1.1 Identification

9.1.2 Guidelines for black box testing

9.1.3 Guidelines for white box testing

9.2 Guidelines specific to encryption algorithms

9.2.1 Identification of encryption algorithms

9.2.2 Selecting a set of conformance test items

9.2.3 Guidelines for each conformance test item

9.3 Guidelines specific to digital signature algorithms

9.3.1 Identification of digital signature algorithms

9.3.2 Selecting a set of conformance test items

9.3.3 Guidelines for each conformance test item

9.4 Guidelines specific to hashing algorithms

9.4.1 Identification of hashing algorithms

9.4.2 Selecting a set of conformance test items

9.4.3 Guidelines for each conformance test item

9.5 Guidelines specific to MAC algorithms

9.5.1 Identification of MAC algorithms

9.5.2 Selecting a set of conformance test items

9.5.3 Guidelines for each conformance test item

9.6 Guidelines specific to RBG algorithms

9.6.1 Identification of RBG algorithms

9.6.2 Selecting a set of conformance test items

9.6.3 Guidelines for each conformance test item

9.7 Guidelines specific to key establishment mechanisms

9.7.1 Identification of key establishment mechanisms

9.7.2 Selecting a set of conformance test items

9.7.3 Guidelines for each conformance test item

9.8 Guidelines specific to key derivation function

9.8.1 Identification of key derivation function

9.8.2 Selecting a set of conformance test items

9.8.3 Guidelines for each conformance test item

9.9 Guidelines specific to prime number generation

9.9.1 Identification of prime number generation

9.9.2 Selecting a set of conformance test items

9.9.3 Guidelines for each conformance test item

10 Conformance testing

10.1 Level of conformance testing

10.2 Symmetric key cryptographic algorithms

10.2.1 n-bit block cipher

10.3 Asymmetric key cryptographic algorithms

10.3.1 Digital Signature Algorithm (DSA)

10.3.2 RSA

10.3.3 Elliptic Curve Digital Signature Algorithm (ECDSA)

10.4 Dedicated hashing algorithms

10.4.1 General

10.4.2 Black box testing

10.4.3 White box testing

10.5 Message Authentication Codes (MAC)

10.5.1 Black box testing

10.5.2 White box testing

10.6 Authenticated encryption

10.6.1 Black box testing

10.6.2 White box testing

10.7 Deterministic Random Bit Generation algorithms

10.7.1 DRBG based on ISO/IEC 18031

10.8 Key agreement

10.8.1 Black box testing

10.8.2 White box testing

10.9 Key Derivation Functions (KDF)

10.9.1 Black box testing

10.9.2 White box testing

Annex A (informative) Common mistakes in cryptographic algorithm implementations

Annex B (informative) Examples of known-answer test vectors

Bibliography