ISO/IEC TR 24485:2022

недоступно на русском языке

Тезис

This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted.

The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases, security functions are implemented to deter an attacker from uncovering the key or secret.

Security properties consist in the secrecy of security parameters concealed within the implementation of the white box cryptography. Best practices for the test and evaluation includes mathematical and practical analyses, static and dynamic analyses, non-invasive and invasive analyses.

This document is related to ISO/IEC 19790 which specifies security requirements for cryptographic modules. In those modules, critical security parameters (CSPs) and public security parameters (PSPs) are the assets to protect. WBC is one solution to conceal CSPs inside of the implementation.

Общая информация

Текущий статус
: Опубликовано

Дата публикации
: 2022-10
Версия
: 1
Технический комитет
: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
ICS
:
35.030 IT Security

Приобрести данный стандарт

	Формат	Язык
std 1 61	PDF + ePub
std 2 61	Бумажный

CHF61

Жизненный цикл

Сейчас

Опубликовано

ISO/IEC TR 24485:2022
Этап: 60.60

Появились вопросы?

Ознакомьтесь с FAQ

Работа с клиентами

+41 22 749 08 88

customerservice@iso.org

Часы работы:
Понедельник – пятница: 09:00-12:00, 14:00-17:00 (UTC+1)