International Organization for Standardization

Information technology - Security techniques - Key management - Part 3: Mechanisms using asymmetric techniques TECHNICAL CORRIGENDUM 1 - Second Edition
 N ISO/IEC 11770-3 CORR 1

Annotation

This part of ISO/IEC 11770 defines key management mechanisms based on asymmetric cryptographic techniques. It specifically addresses the use of asymmetric techniques to achieve the following goals.

1) Establish a shared secret key for a symmetric cryptographic technique between two entities A and B by key agreement. In a secret key agreement mechanism, the secret key is the result of a data exchange between the two entities A and B. Neither of them can predetermine the value of the shared secret key.

2) Establish a shared secret key for a symmetric cryptographic technique between two entities A and B by key transport. In a secret key transport mechanism, the secret key is chosen by one entity A and is transferred to another entity B, suitably protected by asymmetric techniques.

3) Make an entity's public key available to other entities by key transport. In a public key transport mechanism, the public key of entity A must be transferred to other entities in an authenticated way, but not requiring secrecy.

Some of the mechanisms of this part of ISO/IEC 11770 are based on the corresponding authentication mechanisms in ISO/IEC 9798-3.

This part of ISO/IEC 11770 does not cover aspects of key management such as

- key lifecycle management,

- mechanisms to generate or validate asymmetric key pairs,

- mechanisms to store, archive, delete, destroy, etc. keys.