This document provides definitions, formats, references, and citations for cryptographic algorithms, usage modes, and associated identifiers and parameters used in support of Privacy Enhanced Mail (PEM) in the Internet community. It is intended to become one member of the set of related PEM RFCs. This document is organized into four primary sections, dealing with message encryption algorithms, message integrity check algorithms, symmetric key management algorithms, and asymmetric key management algorithms (including both asymmetric encryption and asymmetric signature algorithms). Some parts of this material are cited by other documents and it is anticipated that some of the material herein may be changed, added, or replaced without affecting the citing documents. Therefore, algorithm-specific material has been placed into this separate document. Use of other algorithms and/or modes will require case-by-case study to determine applicability and constraints. The use of additional algorit...

This memo describes a syntax for securing messages sent using the Hypertext Transfer Protocol (HTTP), which forms the basis for the World Wide Web. Secure HTTP (S-HTTP) provides independently applicable security services for transaction confidentiality, authenticity/integrity and non-repudiability of origin.

MD5 is an authentication algorithm proposed as the required implementation of the authentication option in IPv6. This paper presents an analysis of the speed at which MD5 can be implemented in software and hardware, and discusses whether its use interferes with high bandwidth networking. The analysis indicates that MD5 software currently runs at 85 Mbps on a 190 Mhz RISC architecture, a rate that cannot be improved more than 20-40%. Because MD5 processes the entire body of a packet, this data rate is insufficient for current high bandwidth networks, including HiPPI and FiberChannel. Further analysis indicates that a 300 Mhz custom VLSI CMOS hardware implementation of MD5 may run as fast as 256 Mbps. The hardware rate cannot support existing IPv4 data rates on high bandwidth links (800 Mbps HiPPI). The use of MD5 as the default required authentication algorithm in IPv6 should therefore be reconsidered, and an alternative should be proposed. This paper includes a brief description of the...

This paper gives a survey on cryptographic hash functions. It gives an overview of all types of hash functions and reviews design principals and possible methods of attacks. It also focuses on keyed hash functions and provides the applications, requirements, and constructions of keyed hash functions.

This document specifies algorithm identifiers and ASN.1 encoding formats for digital signatures and subject public keys used in the Internet X.509 Public Key Infrastructure (PKI). Digital signatures are used to sign certificates and certificate revocation list (CRLs). Certificates include the public key of the named subject. Table of Contents 1

Syntax Notation 1 BER Basic Encoding Rules BLOB Binary Large Object CA Certification Authority CC Common Criteria CEN Comit Europen de Normalisation (European Committee for Standardization) CMS Cryptographic Message Syntax CPS Certification Practice Statement CRL Certificate Revocation List CRT Cathode Ray Tube CSP Certification Service Provider DER Distinguished Encoding Rules DOM Document Object Model DTD Document Type Declaration EESSI European Electronic Signature Standardization Initiative ETSI European Telecommunications Standards Institute FTP File Transfer Protocol HMAC Hash-based Message Authentication Code HTML HyperText Markup Language HTTP Hypertext Transport Protocol I/O Input/Output IAIK Institut fr Angewandte Informationsverarbeitung und Kommunikationstechnologie (Institute for Applied Information Processing and Communications) 106 ICTSB Information and Communications Technologies Standards Board IETF Internet Engineering Task Force ISSS Information Society Standardization System ITSEC Information Technology Security IT Information Technology JCA Java Cryptography Architecture JCE Java Cryptography Extension JPEG Joint Photographic Experts' Group JVM Java Virtual Machine MAC Message Authentication Code MD5 Message Digest 5 MIME Multipurpose Internet Mail Extensions OCSP Online Certificate Status Protocol PC Personal Computer PDA Personal Digital Assistant PIN Personal Identification Number PKCS Public-Key Cryptography Standards PKCS#7 Public-Key Cryptography Standards Number 7 PKI Public-Key Infrastructure RIPEMD-160 RACE Integrity Primitives Evaluation Message Digest 160-bit RSA Rivest, Shamir, Adleman RTF Rich Text Format S/MIME Secure/Multipurpose Internet Mail Extensions SCD Signature Creation Data SHA-1...

This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt " listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). This is the second draft of the Internet Public Key Infrastructure

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (1998). All Rights Reserved. Table of Contents 1. Introduction.....................................2 1.1 Overview.........................................3 2. Notation.........................................3 3. Key types........................................5 3.1 RSA public key...................................5 3.2 RSA private key..................................5 4. Data conversion primitives.......................6 4.1 I2OSP............................................6 4.2 OS2IP............................................7 5. Cryptographic primitives.........................8 5.1 Encryption and decryption primitives.............8 5.1.1 RSAEP............................................8 5.1.2 RSADP............................................9 5.2 Signature and verification primitives...........10 5.2.1 RSASP1..........................................10 5.2.2 RSAVP1..........................................11 6. Overview of schemes.............................11 7. Encryption schemes..............................12 7.1 RSAES-OAEP......................................13 7.1.1 Encryption operation............................13 7.1.2 Decryption operation............................14 7.2 RSAES-PKCS1-v1_5................................15 7.2.1 Encryption operation............................17 7.2.2 Decryption operation............................17 8. Signature schemes with appendix.................18 8.1 RSASSA-PKCS1-v1_5...............................19 8.1.1 Signature generation operation..................20 Kaliski & Staddon Informational [Page 1]

This document provides definitions, formats, references, and citations for cryptographic algorithms, usage modes, and associated identifiers and parameters used in support of Privacy Enhanced Mail (PEM) in the Internet community. It is intended to become one member of the set of related PEM RFCs. This document is organized into four primary sections, dealing with message encryption algorithms, message integrity check algorithms, symmetric key management algorithms, and asymmetric key management algorithms (including both asymmetric encryption and asymmetric signature algorithms).

This memo represents a republication of PKCS #5 v2.0 from RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, and change control is retained within the PKCS process. The body of this document, except for the security considerations section, is taken directly from that specification.