ДСТУ ETSI TS 119 312:2015 Електронні підписи й інфраструктури (ESI). Криптографічні комплекти (ETSI TS 119 312:2014, IDT)
ПІДТВЕРДЖУВАЛЬНЕ ПОВІДОМЛЕННЯ
Наказ
(ДП «УкрНДНЦ»)
від 05.11.2015 № 145
ETSI TS 119 312:2014
en: Electronic Signatures and Infrastructures (ESI); Cryptographic Suites
прийнято як національний стандарт
методом «підтвердження» за позначенням
ДСТУ ETSI TS 119 312:2015
uk: Електронні підписи й інфраструктури ( ESI ). Криптографічні комплекти
(ETSI TS 119 312:2014, IDT)
З наданням чинності від 2016 –01–01
Contents
Intellectual Property Rights
Foreword
Modal verbs terminology
Introduction
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Maintenance of the document
5 Hash functions
5.1 General
5.2 Recommended hash functions
5.2.1 SHA-224
5.2.2 SHA-256
5.2.3 SHA-384
5.2.4 SHA-512
5.2.5 SHA-512/256
5.3 Other hash functions
5.3.1 SHA-1 is no more recommended
5.3.2 WHIRLPOOL is no more recommended
5.3.3 SHA-3
6 Signature schemes
6.1 Signature algorithms
6.1.1 General
6.1.2 Recommended signature algorithms
6.1.2.1 RSA
6.1.2.2 DSA
6.1.2.3 Elliptic curve analogue of DSA based on a group E(Fp)
6.1.2.4 Elliptic curve analogue of DSA based on a group E(F2m)
6.1.2.5 EC-GDSA based on a group E(Fp)
6.1.2.6 EC-GDSA based on a group E(F2m)
6.1.2.7 Other EC-DSA variants for future applications
6.2 Key generation algorithms
6.2.1 General
6.2.2 Recommended key generation algorithms
6.2.2.1 Key and parameter generation algorithm rsagen1
6.2.2.2 Key and parameter generation algorithm dsagen1
6.2.2.3 Key and parameter generation algorithm ecgen1 for ecdsa-Fp
6.2.2.4 Key and parameter generation algorithm ecgen2 for ecdsa-F2m
6.2.2.5 Key and parameter generation algorithm ecgen1 for ecgdsa-Fp
6.2.2.6 Key and parameter generation algorithm ecgen2 for ecgdsa-F2m
7 Signature suites
7.1 General
7.2 Padding methods
7.3 Recommended signature suites
8 Random number generation methods
8.1 General
8.2 Recommended random number generation methods
8.2.1 General
8.2.2 Random generator requirements trueran
8.2.3 Random generator requirements pseuran
9 Recommended hash functions and key sizes versus time
9.1 Basis for the recommendations
9.2 Recommended hash functions versus time
9.3 Recommended key sizes versus time
10 Time period resistance of hash functions and keys
10.1 General notes
10.2 Time period resistance for hash functions
10.3 Time period resistance for signer's key
10.4 Time period resistance for trust anchors
10.5 Time period resistance for other keys
11 Practical ways to identify hash functions and signature algorithms
11.1 General
11.2 Hash functions and signature algorithms objects identified using OIDs
11.2.1 Hash functions
11.2.2 Signature algorithms
11.2.3 Signature suites
11.3 Hash functions and signature algorithms identified objects using URNs
11.3.1 Hash functions
11.3.2 Signature algorithms
11.3.3 Signature suites
11.4 Recommended hash functions and signature algorithms objects that do not yet have an OID or a description
Annex A (normative): Algorithms for various data structures
A.1 CAdES and PAdES
A.2 XAdES
A.3 Signer's certificates
A.4 CRLs
A.5 OCSP responses
A.6 CA certificates
A.7 Self-signed certificates for CA issuing CA certificates
A.8 TSTs based on RFC 3161
A.9 TSU certificates
A.10 Self-signed certificates for CAs issuing TSU certificates
Annex B (informative): Recommended key sizes (historical)
Annex C (informative): Signature maintenance
History
Повна версія документа доступна в тарифі «ВСЕ ВРАХОВАНО».