SlideShare a Scribd company logo

Pkcs 5

Download as DOC, PDF
S
snakesv

This document describes a password-based encryption standard (PKCS #5) that defines two key derivation algorithms combining message digest algorithms (MD2 and MD5) with DES encryption. The standard defines processes for encrypting and decrypting messages using a password, salt value, and iteration count to derive the encryption key. The encryption process formats the message and padding into a block, derives the key from the password/salt/count, and encrypts the block with DES-CBC. The decryption process reverses these steps to recover the original message.

Engineering
1 of 8
Copyright © 1991–1993 RSA Laboratories, a division of RSA Data Security, Inc. License to copy this document is granted provided that it is identified as "RSA Data Security, Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document. 003-903020-150-000-000 PKCS #5: Password-Based Encryption Standard An RSA Laboratories Technical Note Version 1.5 Revised November 1, 1993* 1. Scope This standard describes a method for encrypting an octet string with a secret key derived from a password. The result of the method is an octet string. Although the standard can be used to encrypt arbitrary octet strings, its intended primary application to public-key cryptography is for encrypting private keys when transferring them from one computer system to another, as described in PKCS #8. The standard defines two key-encryption algorithms: "MD2 with DES-CBC" and "MD5 with DES-CBC." The algorithms employ DES secret-key encryption in cipher-block chaining mode, where the secret key is derived from a password with the MD2 message- digest algorithm, or MD5 message-digest algorithm. 2. References FIPS PUB 46–1 National Bureau of Standards. FIPS PUB 46–1: Data Encryption Standard. January 1988. FIPS PUB 81 National Bureau of Standards. FIPS PUB 81: DES Modes of Operation. December 1980. PKCS #8 RSA Laboratories. PKCS #8: Private-Key Information Syntax Standard. Version 1.2, November 1993. RFC 1319 B. Kaliski. RFC 1319: The MD2 Message-Digest Algorithm. April 1992. *Supersedes June 3, 1991 version, which was also published as NIST/OSI Implementors' Workshop document SEC- SIG-91-20. PKCS documents are available by electronic mail to <pkcs@rsa.com>. Copyright © 1991–1993 RSA Laboratories, a division of RSA Data Security, Inc. License to copy this document is granted provided that it is identified as "RSA Data Security, Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document. 003-903020-150-000-000
Page 2 PKCS #5: Password-Based Encryption Standard§ RFC 1321 R. Rivest. RFC 1321: The MD5 Message-Digest Algorithm. April 1992. X.208 CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988. X.509 CCITT. Recommendation X.509: The Directory—Authentication Framework. 1988. [MT79] Robert Morris and Ken Thompson. Password security: A case history. Communications of the ACM, 22(11):594–597, November 1979. 3. Definitions For the purposes of this standard, the following definitions apply. AlgorithmIdentifier: A type that identifies an algorithm (by object identifier) and any associated parameters. This type is defined in X.509. ASN.1: Abstract Syntax Notation One, as defined in X.208. CBC mode: The cipher-block chaining mode of DES, as defined in FIPS PUB 81. DES: Data Encryption Standard, as defined in FIPS PUB 46-1. MD2: RSA Data Security, Inc.'s MD2 message-digest algorithm, as defined in RFC 1319. MD5: RSA Data Security, Inc.'s MD5 message-digest algorithm, as defined in RFC 1321. 4. Symbols and abbreviations Upper-case italic symbols (e.g., C) denote octet strings; lower-case italic symbols (e.g., c) denote integers. ab hexadecimal octet value P password C ciphertext PS padding string EB encryption block S salt value IV initializing vector c iteration count
5. General overview§ Page 3 K DES key mod n modulo n M message X || Y concatenation of X, Y ||X|| length in octets of X 5. General overview The next three sections specify the encryption process, the decryption process, and object identifiers. Each entity shall privately select an octet string P as its "password." The password is an arbitrary octet string, and it need not be a printable "word" in the usual sense. The octet string may contain zero or more octets. Each entity shall also select an eight-octet string S as its salt value and a positive integer c as its iteration count. The salt value S and the iteration count c are parameters of the algorithm identifier for the password-based encryption algorithm. An entity's password, salt value, and iteration count may be different for each message the entity encrypts. Two password-based encryption algorithms are defined here. The first algorithm (informally, "MD2 with DES-CBC") combines the MD2 message-digest algorithm with DES in cipher-block chaining mode, and the second (informally, "MD5 with DES-CBC") combines the MD5 message-digest algorithm with DES in cipher-block chaining mode. The "selected" message-digest algorithm shall either be MD2 or MD5, depending on the password-based encryption algorithm. The encryption and decryption processes shall both be performed with the password, salt value, and iteration count as a key for the password-based encryption algorithm. Both processes transform an octet string to another octet string. The processes are inverses of one another if they use the same key. Notes. 1. Some security conditions on the choice of password may well be taken into account in order to deter standard attacks such as dictionary attacks. These security conditions fall outside the scope of this standard. 2. How passwords are entered by an entity (a user) is outside the scope of
Page 4 PKCS #5: Password-Based Encryption Standard§ this standard. However, it is recommended in the interest of interoperability that when messages encrypted according to this standard are to be transferred from one computer system to another, the password should consist of printable ASCII characters (values 32 to 126 decimal inclusive). This recommendation may require that password-entry software support optional conversion from a local character set to ASCII. 3. The iteration count provides a method of varying the time to derive a DES key from the password, thereby making dictionary attacks more expensive. 4. The selection of a salt value independent from the password limits the efficiency of dictionary attacks directed collectively against many messages encrypted according to this standard, e.g., against a database of encrypted private keys. This concept is explained in Morris and Thompson's paper on passwords [MT79]. 5. A convenient way to select the salt value S is to set it to the first eight octets of the message digest of the octet string P || M. This method works best when the message M is somewhat random (e.g., a private key), for then the salt value S reveals no significant information about M or P. This method is not recommended, however, if the message M is known to belong to a small message space (e.g., "Yes" or "No"). 6. The iteration count and the method of selecting a salt value may be standardized in particular applications. 6. Encryption process This section describes the password-based encryption process. The encryption process consists of three steps: DES key generation, encryption-block formatting, and DES encryption. The input to the encryption process shall be an octet string M, the message; an octet string P, the password; an octet string S, the salt value; and an integer c, the iteration count. The output from the encryption process shall be an octet string C, the ciphertext. Note. The encryption process does not provide an explicit integrity check to facilitate error detection should the encrypted data be corrupted in transmission. However, the structure of the encryption block guarantees that the probability that corruption is undetected is less than 2-8. 6.1 DES key generation A DES key K and an initializing vector IV shall be generated from the password P, the salt value S, and the iteration count c. The key generation process shall involve the following steps: 1. The octet string P || S shall be digested with c iterations of the selected message-digest algorithm. "One iteration" of the message-digest algorithm is just the ordinary message digest; "two iterations" is the message digest
5. General overview§ Page 5 of the message digest; and so on. 2. The least significant bit of each of the first eight octets of the result of step 1 shall be changed if necessary to give the octet odd parity, as required by DES. The resulting eight octets shall become the DES key K. 3. The last eight octets of the result of step 1 shall become the initializing vector IV. 6.2 Encryption-block formatting The message M and a padding string PS shall be formatted into an octet string EB, the encryption block. EB = M || PS . (1) The padding string PS shall consist of 8 - (||M|| mod 8) octets all having value 8 - (||M|| mod 8). (This makes the length of the encryption block EB a multiple of eight octets.) In other words, the encryption block EB satisfies one of the following statements: EB = M || 01 — if ||M|| mod 8 = 7 ; EB = M || 02 02 — if ||M|| mod 8 = 6 ; × × × EB = M || 08 08 08 08 08 08 08 08 — if ||M|| mod 8 = 0 . Note. The encryption block can be parsed unambiguously since every encryption block ends with a padding string and no padding string is a suffix of another. 6.3 DES encryption The encryption block EB shall be encrypted under DES in cipher-block chaining mode with key K and initializing vector IV. The result of encryption shall be an octet string C, the ciphertext. Note. The length of the ciphertext C is a multiple of eight octets. 7. Decryption process This section describes the password-based decryption process. The decryption process consists of three steps: DES key generation, DES decryption, and encryption-block parsing. The input to the decryption process shall be an octet string C, the ciphertext; an octet string P, the password; an octet string S, the salt value; and an integer c, the iteration count. The output from the decryption process shall an octet string M, the message. For brevity, the decryption process is described in terms of the encryption process.
Page 6 PKCS #5: Password-Based Encryption Standard§ 7.1 DES key generation A DES key K and an initializing vector IV shall be generated from the password P, the salt value S, and the iteration count c as described for the encryption process. 7.2 DES decryption The ciphertext C shall be decrypted under DES in cipher-block chaining mode with key K and initializing vector IV. The result of decryption shall be an octet string EB, the encryption block. It is an error if the length of the ciphertext C is not a multiple of eight octets. 7.3 Encryption-block parsing The encryption block EB shall be parsed into an octet string M, the message, and an octet string PS, the padding string, according to Equation (1). It is an error if the encryption block cannot be parsed according to Equation (1), i.e., if the encryption block does not end with k octets all having value k for some k between 1 and 8. 8. Object identifiers This standard defines three object identifiers: pkcs-5, pbeWithMD2AndDES-CBC, and pbeWithMD5AndDES-CBC. The object identifier pkcs-5 identifies this standard. pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) pkcs(1) 5 } The object identifiers pbeWithMD2AndDES-CBC and pbeWithMD5AndDES-CBC identify, respectively, the "MD2 with DES-CBC" and "MD5 with DES-CBC" password- based encryption and decryption processes defined in Sections 6 and 7. pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= { pkcs-5 1 } pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= { pkcs-5 3 } These object identifiers are intended to be used in the algorithm field of a value of type AlgorithmIdentifier. The parameters field of that type, which has the algorithm-specific syntax ANY DEFINED BY algorithm, would have ASN.1 type PBEParameter for these algorithms. PBEParameter ::= SEQUENCE { salt OCTET STRING SIZE(8), iterationCount INTEGER }
5. General overview§ Page 7 The fields of type PBEParameter have the following meanings: • salt is the salt value S. • iterationCount is the iteration count c.
Revision history§ Page 8 Revision history Versions 1.0–1.3 Versions 1.0–1.3 were distributed to participants in RSA Data Security, Inc.'s Public-Key Cryptography Standards meetings in February and March 1991. Version 1.4 Version 1.4 is part of the June 3, 1991 initial public release of PKCS. Version 1.4 was published as NIST/OSI Implementors' Workshop document SEC-SIG-91-20. Version 1.5 Version 1.5 incorporates several editorial changes, including updates to the references and the addition of a revision history. Author's address RSA Laboratories (415) 595-7703 100 Marine Parkway (415) 595-4126 (fax) Redwood City, CA 94065 USA pkcs-editor@rsa.com

Recommended

6.hash mac
6.hash mac6.hash mac
6.hash mac
Virendrakumar Dhotre
 
Ch11
Ch11Ch11
Ch11Joe Christensen
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Pgp smime
Pgp smimePgp smime
Pgp smime
Tania Agni
 
Encryption
EncryptionEncryption
Encryption
Naiyan Noor
 
Unit 3
Unit 3Unit 3
Unit 3
tamil arasan
 
Unit 3(1)
Unit 3(1)Unit 3(1)
Unit 3(1)Vinod Kumar Gorrepati
 
Unit 3(1)
Unit 3(1)Unit 3(1)
Unit 3(1)Vinod Kumar Gorrepati
 

Recommended

6.hash mac
6.hash mac6.hash mac
6.hash mac
Virendrakumar Dhotre
 
Ch11
Ch11Ch11
Ch11Joe Christensen
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Pgp smime
Pgp smimePgp smime
Pgp smime
Tania Agni
 
Encryption
EncryptionEncryption
Encryption
Naiyan Noor
 
Unit 3
Unit 3Unit 3
Unit 3
tamil arasan
 
Unit 3(1)
Unit 3(1)Unit 3(1)
Unit 3(1)Vinod Kumar Gorrepati
 
Unit 3(1)
Unit 3(1)Unit 3(1)
Unit 3(1)Vinod Kumar Gorrepati
 
Stallings Kurose and Ross
Stallings Kurose and RossStallings Kurose and Ross
Stallings Kurose and Ross
Information Security Awareness Group
 
Unit 2
Unit 2Unit 2
Unit 2
tamil arasan
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
Durgesh Malviya
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie Brown
Information Security Awareness Group
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
editor1knowledgecuddle
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit v
ArthyR3
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security 18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATIONENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
IJNSA Journal
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
Mazin Alwaaly
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2koolkampus
 
Hash
HashHash
Hash
Tazo Al
 
Encryption techniques
Encryption techniques Encryption techniques
Encryption techniques
ShrikantSharma86
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
Ram Dutt Shukla
 
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHYRSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
Qualcomm
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communication
ijsrd.com
 
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
IJECEIAES
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
Nagendra Um
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
KailasS9
 
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
International Journal of Science and Research (IJSR)
 

More Related Content

What's hot

Stallings Kurose and Ross
Stallings Kurose and RossStallings Kurose and Ross
Stallings Kurose and Ross
Information Security Awareness Group
 
Unit 2
Unit 2Unit 2
Unit 2
tamil arasan
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
Durgesh Malviya
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie Brown
Information Security Awareness Group
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
editor1knowledgecuddle
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit v
ArthyR3
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security 18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATIONENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
IJNSA Journal
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
Mazin Alwaaly
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2koolkampus
 
Hash
HashHash
Hash
Tazo Al
 
Encryption techniques
Encryption techniques Encryption techniques
Encryption techniques
ShrikantSharma86
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
Ram Dutt Shukla
 

What's hot (16)

Stallings Kurose and Ross
Stallings Kurose and RossStallings Kurose and Ross
Stallings Kurose and Ross
 
Unit 2
Unit 2Unit 2
Unit 2
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
 
White Paper on Cryptography
White Paper on Cryptography White Paper on Cryptography
White Paper on Cryptography
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie Brown
 
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
Comparative Analysis of Cryptographic Algorithms and Advanced Cryptographic A...
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit v
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security 18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATIONENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
ENHANCED SECURE ALGORITHM FOR MESSAGE COMMUNICATION
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
 
Hash
HashHash
Hash
 
Encryption techniques
Encryption techniques Encryption techniques
Encryption techniques
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
 

Similar to Pkcs 5

RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHYRSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
Qualcomm
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communication
ijsrd.com
 
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
IJECEIAES
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
Nagendra Um
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
KailasS9
 
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
International Journal of Science and Research (IJSR)
 
Day5
Day5Day5
Day5
Jai4uk
 
Ijcnc050208
Ijcnc050208Ijcnc050208
Ijcnc050208
IJCNCJournal
 
Moein
MoeinMoein
Moein
itrraincity
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Hybrid AES DES
Hybrid AES DESHybrid AES DES
Hybrid AES DES
Hardik Manocha
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin Jani
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
IJERD Editor
 
Multiple Encryption using ECC and Its Time Complexity Analysis
Multiple Encryption using ECC and Its Time Complexity AnalysisMultiple Encryption using ECC and Its Time Complexity Analysis
Multiple Encryption using ECC and Its Time Complexity Analysis
IJCERT
 
Secure Encryption Technique (SET): A Private Key Cryptosystem
Secure Encryption Technique (SET): A Private Key CryptosystemSecure Encryption Technique (SET): A Private Key Cryptosystem
Secure Encryption Technique (SET): A Private Key Cryptosystem
Avishek Datta
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
magoigamtatiro1
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
Mazin Alwaaly
 
Client server computing in mobile environments part 2
Client server computing in mobile environments part 2Client server computing in mobile environments part 2
Client server computing in mobile environments part 2
Praveen Joshi
 

Similar to Pkcs 5 (20)

RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHYRSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
RSA - ENCRYPTION ALGORITHM CRYPTOGRAPHY
 
Survey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile CommunicationSurvey of Hybrid Encryption Algorithm for Mobile Communication
Survey of Hybrid Encryption Algorithm for Mobile Communication
 
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
DARE Algorithm: A New Security Protocol by Integration of Different Cryptogra...
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdfAn Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
An Understanding And Perspectives of END TO END ENCRYPTION (4).pdf
 
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
A New Design of Algorithm for Enhancing Security in Bluetooth Communication w...
 
Day5
Day5Day5
Day5
 
Ijcnc050208
Ijcnc050208Ijcnc050208
Ijcnc050208
 
Moein
MoeinMoein
Moein
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Hybrid AES DES
Hybrid AES DESHybrid AES DES
Hybrid AES DES
 
Jaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batchJaimin chp-8 - network security-new -use this - 2011 batch
Jaimin chp-8 - network security-new -use this - 2011 batch
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
82 86
82 8682 86
82 86
 
82 86
82 8682 86
82 86
 
Multiple Encryption using ECC and Its Time Complexity Analysis
Multiple Encryption using ECC and Its Time Complexity AnalysisMultiple Encryption using ECC and Its Time Complexity Analysis
Multiple Encryption using ECC and Its Time Complexity Analysis
 
Secure Encryption Technique (SET): A Private Key Cryptosystem
Secure Encryption Technique (SET): A Private Key CryptosystemSecure Encryption Technique (SET): A Private Key Cryptosystem
Secure Encryption Technique (SET): A Private Key Cryptosystem
 
Computer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptxComputer Cryptography and Encryption [by: Magoiga].pptx
Computer Cryptography and Encryption [by: Magoiga].pptx
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...
 
Client server computing in mobile environments part 2
Client server computing in mobile environments part 2Client server computing in mobile environments part 2
Client server computing in mobile environments part 2
 

Recently uploaded

Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
aqil azizi
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
Pratik Pawar
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
fxintegritypublishin
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
WENKENLI1
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
manasideore6
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
ongomchris
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
English lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdfEnglish lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdf
BrazilAccount1
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
Osamah Alsalih
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Dr.Costas Sachpazis
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
Vijay Dialani, PhD
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
FluxPrime1
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
AmarGB2
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
ssuser7dcef0
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 

Recently uploaded (20)

Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdfTutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Fundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptxFundamentals of Electric Drives and its applications.pptx
Fundamentals of Electric Drives and its applications.pptx
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
English lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdfEnglish lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdf
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
MCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdfMCQ Soil mechanics questions (Soil shear strength).pdf
MCQ Soil mechanics questions (Soil shear strength).pdf
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
 
DESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docxDESIGN A COTTON SEED SEPARATION MACHINE.docx
DESIGN A COTTON SEED SEPARATION MACHINE.docx
 
Investor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptxInvestor-Presentation-Q1FY2024 investor presentation document.pptx
Investor-Presentation-Q1FY2024 investor presentation document.pptx
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 

Pkcs 5

  • 1. Copyright © 1991–1993 RSA Laboratories, a division of RSA Data Security, Inc. License to copy this document is granted provided that it is identified as "RSA Data Security, Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document. 003-903020-150-000-000 PKCS #5: Password-Based Encryption Standard An RSA Laboratories Technical Note Version 1.5 Revised November 1, 1993* 1. Scope This standard describes a method for encrypting an octet string with a secret key derived from a password. The result of the method is an octet string. Although the standard can be used to encrypt arbitrary octet strings, its intended primary application to public-key cryptography is for encrypting private keys when transferring them from one computer system to another, as described in PKCS #8. The standard defines two key-encryption algorithms: "MD2 with DES-CBC" and "MD5 with DES-CBC." The algorithms employ DES secret-key encryption in cipher-block chaining mode, where the secret key is derived from a password with the MD2 message- digest algorithm, or MD5 message-digest algorithm. 2. References FIPS PUB 46–1 National Bureau of Standards. FIPS PUB 46–1: Data Encryption Standard. January 1988. FIPS PUB 81 National Bureau of Standards. FIPS PUB 81: DES Modes of Operation. December 1980. PKCS #8 RSA Laboratories. PKCS #8: Private-Key Information Syntax Standard. Version 1.2, November 1993. RFC 1319 B. Kaliski. RFC 1319: The MD2 Message-Digest Algorithm. April 1992. *Supersedes June 3, 1991 version, which was also published as NIST/OSI Implementors' Workshop document SEC- SIG-91-20. PKCS documents are available by electronic mail to <pkcs@rsa.com>. Copyright © 1991–1993 RSA Laboratories, a division of RSA Data Security, Inc. License to copy this document is granted provided that it is identified as "RSA Data Security, Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document. 003-903020-150-000-000
  • 2. Page 2 PKCS #5: Password-Based Encryption Standard§ RFC 1321 R. Rivest. RFC 1321: The MD5 Message-Digest Algorithm. April 1992. X.208 CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988. X.509 CCITT. Recommendation X.509: The Directory—Authentication Framework. 1988. [MT79] Robert Morris and Ken Thompson. Password security: A case history. Communications of the ACM, 22(11):594–597, November 1979. 3. Definitions For the purposes of this standard, the following definitions apply. AlgorithmIdentifier: A type that identifies an algorithm (by object identifier) and any associated parameters. This type is defined in X.509. ASN.1: Abstract Syntax Notation One, as defined in X.208. CBC mode: The cipher-block chaining mode of DES, as defined in FIPS PUB 81. DES: Data Encryption Standard, as defined in FIPS PUB 46-1. MD2: RSA Data Security, Inc.'s MD2 message-digest algorithm, as defined in RFC 1319. MD5: RSA Data Security, Inc.'s MD5 message-digest algorithm, as defined in RFC 1321. 4. Symbols and abbreviations Upper-case italic symbols (e.g., C) denote octet strings; lower-case italic symbols (e.g., c) denote integers. ab hexadecimal octet value P password C ciphertext PS padding string EB encryption block S salt value IV initializing vector c iteration count
  • 3. 5. General overview§ Page 3 K DES key mod n modulo n M message X || Y concatenation of X, Y ||X|| length in octets of X 5. General overview The next three sections specify the encryption process, the decryption process, and object identifiers. Each entity shall privately select an octet string P as its "password." The password is an arbitrary octet string, and it need not be a printable "word" in the usual sense. The octet string may contain zero or more octets. Each entity shall also select an eight-octet string S as its salt value and a positive integer c as its iteration count. The salt value S and the iteration count c are parameters of the algorithm identifier for the password-based encryption algorithm. An entity's password, salt value, and iteration count may be different for each message the entity encrypts. Two password-based encryption algorithms are defined here. The first algorithm (informally, "MD2 with DES-CBC") combines the MD2 message-digest algorithm with DES in cipher-block chaining mode, and the second (informally, "MD5 with DES-CBC") combines the MD5 message-digest algorithm with DES in cipher-block chaining mode. The "selected" message-digest algorithm shall either be MD2 or MD5, depending on the password-based encryption algorithm. The encryption and decryption processes shall both be performed with the password, salt value, and iteration count as a key for the password-based encryption algorithm. Both processes transform an octet string to another octet string. The processes are inverses of one another if they use the same key. Notes. 1. Some security conditions on the choice of password may well be taken into account in order to deter standard attacks such as dictionary attacks. These security conditions fall outside the scope of this standard. 2. How passwords are entered by an entity (a user) is outside the scope of
  • 4. Page 4 PKCS #5: Password-Based Encryption Standard§ this standard. However, it is recommended in the interest of interoperability that when messages encrypted according to this standard are to be transferred from one computer system to another, the password should consist of printable ASCII characters (values 32 to 126 decimal inclusive). This recommendation may require that password-entry software support optional conversion from a local character set to ASCII. 3. The iteration count provides a method of varying the time to derive a DES key from the password, thereby making dictionary attacks more expensive. 4. The selection of a salt value independent from the password limits the efficiency of dictionary attacks directed collectively against many messages encrypted according to this standard, e.g., against a database of encrypted private keys. This concept is explained in Morris and Thompson's paper on passwords [MT79]. 5. A convenient way to select the salt value S is to set it to the first eight octets of the message digest of the octet string P || M. This method works best when the message M is somewhat random (e.g., a private key), for then the salt value S reveals no significant information about M or P. This method is not recommended, however, if the message M is known to belong to a small message space (e.g., "Yes" or "No"). 6. The iteration count and the method of selecting a salt value may be standardized in particular applications. 6. Encryption process This section describes the password-based encryption process. The encryption process consists of three steps: DES key generation, encryption-block formatting, and DES encryption. The input to the encryption process shall be an octet string M, the message; an octet string P, the password; an octet string S, the salt value; and an integer c, the iteration count. The output from the encryption process shall be an octet string C, the ciphertext. Note. The encryption process does not provide an explicit integrity check to facilitate error detection should the encrypted data be corrupted in transmission. However, the structure of the encryption block guarantees that the probability that corruption is undetected is less than 2-8. 6.1 DES key generation A DES key K and an initializing vector IV shall be generated from the password P, the salt value S, and the iteration count c. The key generation process shall involve the following steps: 1. The octet string P || S shall be digested with c iterations of the selected message-digest algorithm. "One iteration" of the message-digest algorithm is just the ordinary message digest; "two iterations" is the message digest
  • 5. 5. General overview§ Page 5 of the message digest; and so on. 2. The least significant bit of each of the first eight octets of the result of step 1 shall be changed if necessary to give the octet odd parity, as required by DES. The resulting eight octets shall become the DES key K. 3. The last eight octets of the result of step 1 shall become the initializing vector IV. 6.2 Encryption-block formatting The message M and a padding string PS shall be formatted into an octet string EB, the encryption block. EB = M || PS . (1) The padding string PS shall consist of 8 - (||M|| mod 8) octets all having value 8 - (||M|| mod 8). (This makes the length of the encryption block EB a multiple of eight octets.) In other words, the encryption block EB satisfies one of the following statements: EB = M || 01 — if ||M|| mod 8 = 7 ; EB = M || 02 02 — if ||M|| mod 8 = 6 ; × × × EB = M || 08 08 08 08 08 08 08 08 — if ||M|| mod 8 = 0 . Note. The encryption block can be parsed unambiguously since every encryption block ends with a padding string and no padding string is a suffix of another. 6.3 DES encryption The encryption block EB shall be encrypted under DES in cipher-block chaining mode with key K and initializing vector IV. The result of encryption shall be an octet string C, the ciphertext. Note. The length of the ciphertext C is a multiple of eight octets. 7. Decryption process This section describes the password-based decryption process. The decryption process consists of three steps: DES key generation, DES decryption, and encryption-block parsing. The input to the decryption process shall be an octet string C, the ciphertext; an octet string P, the password; an octet string S, the salt value; and an integer c, the iteration count. The output from the decryption process shall an octet string M, the message. For brevity, the decryption process is described in terms of the encryption process.
  • 6. Page 6 PKCS #5: Password-Based Encryption Standard§ 7.1 DES key generation A DES key K and an initializing vector IV shall be generated from the password P, the salt value S, and the iteration count c as described for the encryption process. 7.2 DES decryption The ciphertext C shall be decrypted under DES in cipher-block chaining mode with key K and initializing vector IV. The result of decryption shall be an octet string EB, the encryption block. It is an error if the length of the ciphertext C is not a multiple of eight octets. 7.3 Encryption-block parsing The encryption block EB shall be parsed into an octet string M, the message, and an octet string PS, the padding string, according to Equation (1). It is an error if the encryption block cannot be parsed according to Equation (1), i.e., if the encryption block does not end with k octets all having value k for some k between 1 and 8. 8. Object identifiers This standard defines three object identifiers: pkcs-5, pbeWithMD2AndDES-CBC, and pbeWithMD5AndDES-CBC. The object identifier pkcs-5 identifies this standard. pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) US(840) rsadsi(113549) pkcs(1) 5 } The object identifiers pbeWithMD2AndDES-CBC and pbeWithMD5AndDES-CBC identify, respectively, the "MD2 with DES-CBC" and "MD5 with DES-CBC" password- based encryption and decryption processes defined in Sections 6 and 7. pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= { pkcs-5 1 } pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= { pkcs-5 3 } These object identifiers are intended to be used in the algorithm field of a value of type AlgorithmIdentifier. The parameters field of that type, which has the algorithm-specific syntax ANY DEFINED BY algorithm, would have ASN.1 type PBEParameter for these algorithms. PBEParameter ::= SEQUENCE { salt OCTET STRING SIZE(8), iterationCount INTEGER }
  • 7. 5. General overview§ Page 7 The fields of type PBEParameter have the following meanings: • salt is the salt value S. • iterationCount is the iteration count c.
  • 8. Revision history§ Page 8 Revision history Versions 1.0–1.3 Versions 1.0–1.3 were distributed to participants in RSA Data Security, Inc.'s Public-Key Cryptography Standards meetings in February and March 1991. Version 1.4 Version 1.4 is part of the June 3, 1991 initial public release of PKCS. Version 1.4 was published as NIST/OSI Implementors' Workshop document SEC-SIG-91-20. Version 1.5 Version 1.5 incorporates several editorial changes, including updates to the references and the addition of a revision history. Author's address RSA Laboratories (415) 595-7703 100 Marine Parkway (415) 595-4126 (fax) Redwood City, CA 94065 USA pkcs-editor@rsa.com