Standard
AS 2805.6.1.4-2009
[Current] Adopts ISO 11568.4:2007 to align Australian key management lifecycle with international best practice.
Published: 11/02/2009
Pages: 22
Table of contents
Header
About this publication
Preface
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Uses of asymmetric cryptosystems in retail financial services systems
4.1 General
4.2 Establishment and storage of symmetric keys
4.3 Storage and distribution of asymmetric public keys
4.4 Storage and transfer of asymmetric private keys
5 Techniques for the provision of key management services
5.1 Introduction
5.2 Key encipherment
5.2.1 General
5.2.2 Encipherment of a symmetric key using an asymmetric cipher
5.2.3 Encipherment of an asymmetric key using a symmetric cipher
5.3 Public key certification
5.4 Key separation techniques
5.4.1 General
5.4.2 Key tagging
5.4.2.1 General
5.4.2.2 Explicit key tagging
5.4.2.3 Implicit key tagging
5.5 Key verification
5.6 Key integrity techniques
5.6.1 Public key
5.6.2 Private key
6 Asymmetric key life cycle
6.1 Key life cycle phases
6.2 Key life cycle stages — Generation
6.2.1 General
6.2.2 Certification authority
6.2.3 Key pair owner
6.2.4 Third party
6.3 Key storage
6.3.1 Introduction
6.3.2 Permissible forms for private keys
6.3.2.1 General
6.3.2.2 Plaintext private key
6.3.2.3 Key shares
6.3.2.4 Enciphered private key
6.3.3 Permissible forms for public keys
6.3.3.1 General
6.3.3.2 Plaintext public key
6.3.3.3 Enciphered public key
6.3.4 Protection against substitution during storage
6.3.5 Provisions for key separation
6.3.6 Key back-up
6.4 Public key distribution
6.5 Asymmetric key pair transfer
6.5.1 Process
6.5.1.1 General
6.5.1.2 Plaintext private key
6.5.1.3 Private key shares
6.5.1.4 Enciphered private key
6.5.2 Public key transfer
6.6 Authenticity prior to use
6.7 Use
6.8 Public key revocation
6.9 Replacement
6.10 Public key expiration
6.11 Private key destruction
6.12 Private key deletion
6.13 Public key archive
6.14 Private key termination
6.15 Erasure summary
6.16 Optional life cycle processes
6.16.1 Public key certification
6.16.2 Key retrieval
Annex A
A.1 General
A.2 Approved algorithms
A.2.1 Algorithms approved for public key transport systems
A.2.2 Algorithms approved for public key agreement systems
A.2.3 Algorithms approved for digital signatures
A.2.4 Approved hash functions
Bibliography