  ITU-T A.5 justification information for referenced document IETF RFC 3447 (2003) in draft X.1277
1. Clear description of the referenced document:
Name: IETF RFC 3447 (2003)
Title: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
2. Status of approval:
February 2003 as Information).
3. Justification for the specific reference:
The referenced document constitutes provisions of this Recommendation.
4. Current information, if any, about IPR issues:
Copyright (C) The Internet Society (2003). All Rights Reserved.
5. Other useful information describing the "Quality" of the document:
This memo provides information for the Internet community. It does not specify an Internet standard of any kind.
6. The degree of stability or maturity of the document:
Stable.
7. Relationship with other existing or emerging documents:
None.
8. Any explicit references within that referenced document should also be listed:
[1] ANSI X9F1 Working Group. ANSI X9.44 Draft D2: Key Establishment Using Integer Factorization Cryptography. Working Draft, March 2002.

[2] M. Bellare, A. Desai, D. Pointcheval and P. Rogaway. Relations Among Notions of Security for Public-Key Encryption Schemes. In H. Krawczyk, editor, Advances in Cryptology - Crypto '98, volume 1462 of Lecture Notes in Computer Science, pp. 26 - 45. Springer Verlag, 1998.

[3] M. Bellare and P. Rogaway. Optimal Asymmetric Encryption - How to Encrypt with RSA. In A. De Santis, editor, Advances in Cryptology - Eurocrypt '94, volume 950 of Lecture Notes in Computer Science, pp. 92 - 111. Springer Verlag, 1995.

[4] M. Bellare and P. Rogaway. The Exact Security of Digital Signatures - How to Sign with RSA and Rabin. In U. Maurer, editor, Advances in Cryptology - Eurocrypt '96, volume 1070 of Lecture Notes in Computer Science, pp. 399 - 416. Springer Verlag, 1996.

[5] M. Bellare and P. Rogaway. PSS: Provably Secure Encoding Method for Digital Signatures. Submission to IEEE P1363 working group, August 1998. Available from http://grouper.ieee.org/groups/1363/.

[6] D. Bleichenbacher. Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. In H. Krawczyk, editor, Advances in Cryptology - Crypto '98, volume 1462 of Lecture Notes in Computer Science, pp. 1 - 12. Springer Verlag, 1998.

[7] D. Bleichenbacher, B. Kaliski and J. Staddon. Recent Results on PKCS #1: RSA Encryption Standard. RSA Laboratories' Bulletin No. 7, June 1998.

[8] B. den Boer and A. Bosselaers. An Attack on the Last Two Rounds of MD4. In J. Feigenbaum, editor, Advances in Cryptology - Crypto '91, volume 576 of Lecture Notes in Computer Science, pp. 194 - 203. Springer Verlag, 1992.

[9] B. den Boer and A. Bosselaers. Collisions for the Compression Function of MD5. In T. Helleseth, editor, Advances in Cryptology - Eurocrypt '93, volume 765 of Lecture Notes in Computer Science, pp. 293 - 304. Springer Verlag, 1994.

[10] D. Coppersmith, M. Franklin, J. Patarin and M. Reiter. Low-Exponent RSA with Related Messages. In U. Maurer, editor, Advances in Cryptology - Eurocrypt '96, volume 1070 of Lecture Notes in Computer Science, pp. 1 - 9. Springer Verlag, 1996.

[11] D. Coppersmith, S. Halevi and C. Jutla. ISO 9796-1 and the New Forgery Strategy. Presented at the rump session of Crypto '99, August 1999.

[12] J.-S. Coron. On the Exact Security of Full Domain Hashing. In M. Bellare, editor, Advances in Cryptology - Crypto 2000, volume 1880 of Lecture Notes in Computer Science, pp. 229 - 235. Springer Verlag, 2000.

[13] J.-S. Coron. Optimal Security Proofs for PSS and Other Signature Schemes. In L. Knudsen, editor, Advances in Cryptology - Eurocrypt 2002, volume 2332 of Lecture Notes in Computer Science, pp. 272 - 287. Springer Verlag, 2002.

[14] J.-S. Coron, M. Joye, D. Naccache and P. Paillier. New Attacks on PKCS #1 v1.5 Encryption. In B. Preneel, editor, Advances in Cryptology - Eurocrypt 2000, volume 1807 of Lecture Notes in Computer Science, pp. 369 - 379. Springer Verlag, 2000.

[15] J.-S. Coron, D. Naccache and J. P. Stern. On the Security of RSA Padding. In M. Wiener, editor, Advances in Cryptology - Crypto '99, volume 1666 of Lecture Notes in Computer Science, pp. 1 - 18. Springer Verlag, 1999.

[16] Y. Desmedt and A.M. Odlyzko. A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes. In H.C. Williams, editor, Advances in Cryptology - Crypto '85, volume 218 of Lecture Notes in Computer Science, pp. 516 - 522. Springer Verlag, 1986.

[17] Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0", RFC 2246, January 1999.

[18] H. Dobbertin. Cryptanalysis of MD4. In D. Gollmann, editor, Fast Software Encryption '96, volume 1039 of Lecture Notes in Computer Science, pp. 55 - 72. Springer Verlag, 1996.

[19] H. Dobbertin. Cryptanalysis of MD5 Compress. Presented at the rump session of Eurocrypt '96, May 1996.

[20] H. Dobbertin. The First Two Rounds of MD4 are Not One-Way. In S. Vaudenay, editor, Fast Software Encryption '98, volume 1372 in Lecture Notes in Computer Science, pp. 284 - 292. Springer Verlag, 1998.

[21] E. Fujisaki, T. Okamoto, D. Pointcheval and J. Stern. RSA-OAEP is Secure under the RSA Assumption. In J. Kilian, editor, Advances in Cryptology - Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pp. 260 - 274. Springer Verlag, 2001.

[22] H. Garner. The Residue Number System. IRE Transactions on Electronic Computers, EC-8 (6), pp. 140 - 147, June 1959.

[23] M.L. Grell. Re: Encoding Methods PSS/PSS-R. Letter to IEEE P1363 working group, University of California, June 15, 1999. Available from http://grouper.ieee.org/groups/1363/P1363/patents.html.

[24] J. Haastad. Solving Simultaneous Modular Equations of Low Degree. SIAM Journal of Computing, volume 17, pp. 336 - 341, 1988.

[25] Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3369, August 2002. Housley, R., "Cryptographic Message Syntax (CMS) Algorithms", RFC 3370, August 2002.

[26] IEEE Std 1363-2000: Standard Specifications for Public Key Cryptography. IEEE, August 2000.

[27] IEEE P1363 working group. IEEE P1363a D11: Draft Standard Specifications for Public Key Cryptography -- Amendment 1: Additional Techniques. December 16, 2002. Available from http://grouper.ieee.org/groups/1363/.

[28] ISO/IEC 9594-8:1997: Information technology - Open Systems Interconnection - The Directory: Authentication Framework. 1997.

[29] ISO/IEC FDIS 9796-2: Information Technology - Security Techniques - Digital Signature Schemes Giving Message Recovery - Part 2: Integer Factorization Based Mechanisms. Final Draft International Standard, December 2001.

[30] ISO/IEC 18033-2: Information Technology - Security Techniques - Encryption Algorithms - Part 2: Asymmetric Ciphers. V. Shoup, editor, Text for 2nd Working Draft, January 2002.

[31] J. Jonsson. Security Proof for the RSA-PSS Signature Scheme (extended abstract). Second Open NESSIE Workshop. September 2001. Full version available from http://eprint.iacr.org/2001/053/.

[32] J. Jonsson and B. Kaliski. On the Security of RSA Encryption in TLS. In M. Yung, editor, Advances in Cryptology - CRYPTO 2002, vol. 2442 of Lecture Notes in Computer Science, pp. 127 - 142. Springer Verlag, 2002.

[33] Kaliski, B., "The MD2 Message-Digest Algorithm", RFC 1319, April 1992.

[34] B. Kaliski. On Hash Function Identification in Signature Schemes. In B. Preneel, editor, RSA Conference 2002, Cryptographers' Track, volume 2271 of Lecture Notes in Computer Science, pp. 1 - 16. Springer Verlag, 2002.

[35] Kaliski, B. and J. Staddon, "PKCS #1: RSA Cryptography Specifications Version 2.0", RFC 2437, October 1998.

[36] J. Manger. A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0. In J. Kilian, editor, Advances in Cryptology - Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pp. 260 - 274. Springer Verlag, 2001.

[37] A. Menezes, P. van Oorschot and S. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.

[38] National Institute of Standards and Technology (NIST). FIPS Publication 180-1: Secure Hash Standard. April 1994.

[39] National Institute of Standards and Technology (NIST). Draft FIPS 180-2: Secure Hash Standard. Draft, May 2001. Available from http://www.nist.gov/sha/.

[40] J.-J. Quisquater and C. Couvreur. Fast Decipherment Algorithm for RSA Public-Key Cryptosystem. Electronics Letters, 18 (21), pp. 905 - 907, October 1982.

[41] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April 1992.

[42] R. Rivest, A. Shamir and L. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, 21 (2), pp. 120-126, February 1978.

[43] N. Rogier and P. Chauvaud. The Compression Function of MD2 is not Collision Free. Presented at Selected Areas of Cryptography '95. Carleton University, Ottawa, Canada. May 1995.

[44] RSA Laboratories. PKCS #1 v2.0: RSA Encryption Standard. October 1998.

[45] RSA Laboratories. PKCS #7 v1.5: Cryptographic Message Syntax Standard. November 1993. (Republished as IETF RFC 2315.)

[46] RSA Laboratories. PKCS #8 v1.2: Private-Key Information Syntax Standard. November 1993.

[47] RSA Laboratories. PKCS #12 v1.0: Personal Information Exchange Syntax Standard. June 1999.

[48] V. Shoup. OAEP Reconsidered. In J. Kilian, editor, Advances in Cryptology - Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pp. 239 - 259. Springer Verlag, 2001.

[49] R. D. Silverman. A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths. RSA Laboratories Bulletin No. 13, April 2000. Available from http://www.rsasecurity.com.rsalabs/bulletins/.

[50] G. J. Simmons. Subliminal communication is easy using the DSA. In T. Helleseth, editor, Advances in Cryptology - Eurocrypt '93, volume 765 of Lecture Notes in Computer Science, pp. 218-232. Springer-Verlag, 1993.
9. Qualification of ISOC/IETF:
9.1-9.6     Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7     The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8     Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
10. Other (for any supplementary information):
None.
Note: This form is based on Recommendation ITU-T A.5