Cryptographic mechanisms are often used to protect the integrity and confidentiality of data that is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. A cryptographic mechanism relies upon two basic components: an algorithm (or cryptographic methodology) and a variable cryptographic key. The algorithm and key are used together to apply cryptographic protection to data (e.g., to encrypt the data or to generate a digital signature) and to remove or check the protection (e.g., to decrypt the encrypted data or to verify a digital signature). This is analogous to a physical safe that can be opened only with the correct combination. Two types of cryptographic algorithms are in common use today: symmetric key algorithms and asymmetric key algorithms. Symmetric key algorithms (sometimes called secret key algorithms) use a single key to both apply cryptographic protection and to remove or check the protection. Asymmetric key algorithms (often called public key algorithms) use a pair of keys (i.e., a key pair): a public key and a private key that are mathematically related to each other. In the case of symmetric key algorithms, the single key must be kept secret from everyone and everything not specifically authorized to access the information being protected. In asymmetric key cryptography, only one key in the key pair, the private key, must be kept secret; the other key can be made public. Symmetric key cryptography is most often used to protect the confidentiality of information or to authenticate the integrity of that information. Asymmetric key cryptography is commonly used to protect the integrity and authenticity of information and to establish symmetric keys. Given differences in the nature of symmetric and asymmetric key cryptography and of the requirements of different security applications of cryptography, specific key management requirements and methods necessarily vary from application to application. Regardless of the algorithm or application, if cryptography is to deliver confidentiality, integrity, or authenticity, users and systems need to have assurance that the key is authentic, that it belongs to the entity with whom or which it is asserted to be associated, and that it has not been accessed by an unauthorized third party. SP 800-57, Recommendation for Key Management (hereafter referred to as SP 800-57 or the Recommendation), provides guidelines and best practices for achieving this necessary assurance. SP 800-57 consists of three parts. This publication is Part 2 of the Recommendation (i.e., SP 800-57 Part 2 – Best Practices for Key Management Organizations) and is intended primarily to address the needs of U.S. government system owners and managers who are setting up or acquiring cryptographic key management capabilities. Parts 1 and 3 of SP 800-57 focus on cryptographic key management mechanisms. SP 800-57 Part 1, General, (hereafter referred to as Part 1) contains basic key management guidance intended to advise users, developers and system managers; and SP 800-57 Part 3, Application-Specific Key Management Guidance, (hereafter referred to as Part 3) is intended to address specific key management issues associated with currently available implementations. SP 800-57 has been developed by and for the U.S. Federal Government. Non-governmental organizations may voluntarily choose to follow the practices provided herein.
- 粉丝: 797
- 资源: 314
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- IP网络的仿真及实验.doc
- 学习路之uniapp-goEasy入门
- 多边形框架物体检测26-YOLO(v5至v11)、COCO数据集合集.rar
- 基于Python和OpenCV的人脸识别签到系统的开发与应用
- course_s2_ALINX_ZYNQ_MPSoC开发平台Vitis应用教程V1.01.pdf
- 基于51单片机开发板设计的六位密码锁
- course_s5_linux应用程序开发篇.pdf
- course_s4_ALINX_ZYNQ_MPSoC开发平台Linux驱动教程V1.04.pdf
- course_s0_Xilinx开发环境安装教程.pdf
- 多边形框架物体检测20-YOLO(v5至v11)、COCO、CreateML、Paligemma、TFRecord、VOC数据集合集.rar