as nzs iso iec 18033.4-2006 information technology - security techniques - encryption algorithms...
TRANSCRIPT
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
1/8
AS/NZS ISO/IEC 18033.4:2006ISO/IEC 18033-4:2005
Australian/New Zealand Standard
Information technologySecuritytechniquesEncryption algorithms
Part 4: Stream ciphers
AS/NZS
ISO/IEC18033.4:2006
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
2/8
AS/NZS ISO/IEC 18033.4:2006
This Joint Australian/New Zealand Standard was prepared by Joint TechnicalCommittee IT-012, Information Systems, Security and Identification. It wasapproved on behalf of the Council of Standards Australia on 31 March 2006 and onbehalf of the Council of Standards New Zealand on 16 June 2006.This Standard was published on 10 July 2006.
The following are represented on Commit tee IT-012:
Attorney Generals Department
Australia Post
Australian Association of Permanent Building Societies
Australian Bankers Association
Australian Chamber of Commerce and Industry
Australian Electrical and Electronic Manufacturers Association
Australian Information Industry Association
Certification Forum of AustraliaConsumers Federation of Australia
Department of Defence (Australia)
Department of Social Welfare New Zealand
Government Communications Security Bureau, New Zealand
Internet Industry Association
NSW Police Service
New Zealand Defence Force
Reserve Bank of Australia
Keeping Standards up-to-date
Standards are living documents which reflect progress in science, technology andsystems. To maintain their currency, all Standards are periodically reviewed, andnew editions are published. Between editions, amendments may be issued.Standards may also be withdrawn. It is important that readers assure themselvesthey are using a current Standard, which should include any amendments whichmay have been published since the Standard was purchased.
Detailed information about joint Australian/New Zealand Standards can be found byvisiting the Standards Web Shop at www.standards.com.au or Standards NewZealand web site at www.standards.co.nz and looking up the relevant Standard inthe on-line catalogue.
Alternatively, both organizations publish an annual printed Catalogue with fulldetails of all current Standards. For more frequent listings or notification ofrevisions, amendments and withdrawals, Standards Australia and Standards NewZealand offer a number of update options. For information about these services,users should contact their respective national Standards organization.
We also welcome suggestions for improvement in our Standards, and especiallyencourage readers to notify us immediately of any apparent inaccuracies orambiguities. Please address your comments to the Chief Executive of eitherStandards Australia or Standards New Zealand at the address shown on the backcover.
This Standard was issued in draft form for comment as DR 06035.
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
3/8
AS/NZS ISO/IEC 18033.4:2006
Australian/New Zealand StandardInformation technologySecuritytechniquesEncryption algorithms
Part 4: Stream ciphers
COPYRIGHT
Standards Australia/Standards New Zealand
All rights are reserved. No part of this work may be reproduced or copied in any form or byany means, electronic or mechanical, including photocopying, without the written
permission of the publisher.
Jointly published by Standards Australia, GPO Box 476, Sydney, NSW 2001 and Standards
New Zealand, Private Bag 2439, Wellington 6020
ISBN 0 7337 7594 2
First published as AS/NZS ISO/IEC 18033.4:2006.
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
4/8
ii
PREFACE
This Standard was prepared by the Joint Standards Australia/Standards New Zealand Committee
IT-012, Information Systems, Security and Identification.
This Standard is identical with, and has been reproduced from ISO/IEC 18033-4:2005,
Information technologySecurity techniquesEncryption algorithmsPart 4: Stream ciphers.
The objective of this Standard is to provide the Information Security programming and
development community with clear guidance to the selection and implementation of appropriate
encryption algorithms.
This Standard is Part 4 of AS/NZS ISO/IEC 18033, Information technologySecurity
techniquesEncryption Algorithms, which when complete will consist of the following:
Part 1: General
Part 2: Asymmetric ciphers
Part 3: Block ciphers
Part 4: Stream ciphers (this Standard)
The terms normative and informative are used to define the application of the annex to
which they apply. A normative annex is an integral part of a standard, whereas an informative
annex is only for information and guidance.
As this Standard is reproduced from an international standard, the following applies:
(a) Its number appears on the cover and title page while the international standard number
appears only on the cover.
(b) In the source text this part of ISO/IEC 18033 should read this Australian/New Zealand
Standard.(c) A full point substitutes for a comma when referring to a decimal marker.
Reference to International Standard Australian/New Zealand Standard
ISO/IEC AS/NZS
18033 Information technologySecurity
techniquesEncryption algorithms
18033 Information technologySecurity
techniquesEncryption algorithms
18033-1 Part 1: General 18033.1 Part 1: General
18033-3 Part 3: Block ciphers 18033.3 Part 3: Block ciphers
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
5/8
ii i
CONTENTS
Page
1 Scope ..................................................................................................................................................... 1
2 Normative references ........................................................................................................................... 1
3 Terms and definitions........................................................................................................................... 1
4 Symbols and abbreviated terms.......................................................................................................... 44.1 Left-truncation of bits........................................................................................................................... 54.2 Shift operation....................................................................................................................................... 64.3 Variable I(k) ........................................................................................................................................... 6
5 General models for stream ciphers .................................................................................................... 65.1 Keystream generators.......................................................................................................................... 65.1.1 Synchronous keystream generators .................................................................................................. 6
5.1.2 Self-synchronizing keystream generators ......................................................................................... 65.2 Output functions................................................................................................................................... 75.2.1 Binary-additive output function .......................................................................................................... 75.2.2 MULTI-S01 output function.................................................................................................................. 8
6 Constructing keystream generators from block ciphers................................................................ 106.1 Modes of a block cipher for a synchronous keystream generator................................................ 106.1.1 OFB mode............................................................................................................................................ 116.1.2 CTR mode ............................................................................................................................................ 116.2 Mode of a block cipher for a self-synchronizing keystream generator ........................................ 126.2.1 CFB mode ............................................................................................................................................ 12
7 Dedicated keystream generators ...................................................................................................... 137.1 MUGI keystream generator ................................................................................................................ 13
7.1.1 Initialization function Init.................................................................................................................... 147.1.2 Next-state function Next..................................................................................................................... 157.1.3 Keystream function Strm ................................................................................................................... 157.1.4 Function1 .......................................................................................................................................... 157.1.5 Function1........................................................................................................................................... 167.1.6 Function F............................................................................................................................................ 167.1.7 Function SR.......................................................................................................................................... 177.1.8 Function M........................................................................................................................................... 187.2 SNOW 2.0 keystream generator ........................................................................................................ 187.2.1 Initialization function Init.................................................................................................................... 197.2.2 Next-state function Next..................................................................................................................... 207.2.3 Keystream function Strm ................................................................................................................... 217.2.4 Function T............................................................................................................................................ 21
7.2.5 Multiplications ofin finite field arithmetic..................................................................................... 227.2.6 Multiplications of
1in finite field arithmetic................................................................................. 22
7.2.7 Function FSM(x, y, z) ......................................................................................................................... 23
Annex A (informative) Examples..................................................................................................................... 24A.1 Operations over the finite field GF(2
n) .............................................................................................. 24
A.2 Example for MUGI ............................................................................................................................... 24A.2.1 Key, initialization vector, and keystream triplets ............................................................................ 24A.2.2 Sample internal states........................................................................................................................ 24A.3 Example for SNOW 2.0 ....................................................................................................................... 30A.3.1 128-bit key............................................................................................................................................ 30A.3.2 256-bit key............................................................................................................................................ 34
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
6/8
iv
Page
Annex B (informative) Security information ................................................................................................. 39B.1 Security levels of stream ciphers...................................................................................................... 39B.1.1 Security-efficiency trade-off in MULTI-S01 ...................................................................................... 40B.2 Implementation examples of dedicated keystream generators..................................................... 40Annex C (normative) Object identifiers.......................................................................................................... 41Bibliography..................................................................................................................................................... 43
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
7/8
1
AUSTRALIAN/NEW ZEALAND STANDARD
1 Scope
This part of ISO/IEC 18033 specifies stream cipher algorithms. A stream cipher is an encryption mechanismthat uses a keystream to encrypt a plaintext in bitwise or block-wise manner. There are two types of streamcipher: a synchronous stream cipher, in which the keystream is only generated from the secret key (and aninitialization vector) and a self-synchronizing stream cipher, in which the keystream is generated from the
secret key and some past ciphertexts (and an initialization vector). Typically the encryption operation is theadditive bitwise XOR operation between a keystream and the message. This part of ISO/IEC 18033 describesboth pseudorandom number generators for producing keystream, and output functions for stream ciphers.
The algorithms specified in this part of ISO/IEC 18033 have been assigned object identifiers in accordance withISO/IEC 9834. The list of assigned object identifiers is given in Annex C. Any change to the specificationof the algorithms resulting in a change of functional behaviour will result in a change of the object identifierassigned to the algorithm.
NOTE 1 In applications where a combination of algorithms is being used, or when an algorithm is parameterized by thechoice of a combination of other algorithms, the combination may be specified as a sequence of object identifiers.Alternatively, the object identifiers of lower layer algorithms may be included in the parameter field of the higher layeralgorithm's identifier structure. For example, the object identifier of a block cipher could be included as a parameter in the
algorithm identifier structure for a keystream generator. The algorithm identifier structure is defined in ISO/IEC 9594-8.
NOTE 2 The encoding of object identifiers is application dependent.
3.1big-endian
a method of storage of multi-byte numbers with the most significant bytes at the lowest memory addresses.
[ISO/IEC 10118-1: 2000]
Information technology Security techniques Encryptionalgorithms
Part 4:Stream ciphers
2 Normative references
The following referenced documents are indispensable for the application of this document. For datedreferences, only the edition cited applies. For undated references, the latest edition of the referenceddocument (including any amendments) applies.
ISO/IEC 18033-1, Information technology Security techniques Encryption algorithms Part 1: General
ISO/IEC 18033-3, Information technology Security techniques Encryption algorithms Part 3: Blockciphers
For the purposes of this document, the terms and definitions given in ISO/IEC 18033-1 and the followingapply.
3 Terms and definitions
COPYRIGHT
-
7/31/2019 As NZS ISO IEC 18033.4-2006 Information Technology - Security Techniques - Encryption Algorithms Stream Ciphe
8/8
This is a free preview. Purchase the entire publication at the link below:
Looking for additional Standards? Visit SAI Global Infostore
Subscribe to ourFree Newsletters about Australian Standards in Legislation; ISO, IEC, BSI and more
Do you need to Manage Standards Collections Online?
Learn about LexConnect, All Jurisdictions, Standards referenced in Australian legislation
Do you want to know when a Standard has changed?
Want to become an SAI Global Standards Sales Affiliate?
Learn about other SAI Global Services:
LOGICOM Military Parts and Supplier DatabaseMetals Infobase Database of Metal Grades, Standards and Manufacturers
Materials Infobase Database of Materials, Standards and Suppliers
Database of European Law, CELEX and Court Decisions
Need to speak with a Customer Service Representative - Contact Us
AS/NZS ISO/IEC 18033.4:2006, Informationtechnology - Security techniques - Encryptionalgorithms Stream ciphers
http://infostore.saiglobal.com/store?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Newsletters/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Collections/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/StandardsWatch/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Affiliate/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Metals/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Materials/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/European-Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/getpage.aspx?path=/InformationServices/shop/pages/ContactingUs.htm&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/Details.aspx?ProductId=394728&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store/getpage.aspx?path=/InformationServices/shop/pages/ContactingUs.htm&utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/European-Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Materials/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/Metals/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Databases/LOGICOM/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Affiliate/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/StandardsWatch/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Law/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Collections/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://www.saiglobal.com/Information/Standards/Newsletters/?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSiteshttp://infostore.saiglobal.com/store?utm_source=PDF&utm_medium=Website_Infostore&utm_campaign=DocSharingSites