PKCS
|
In cryptography, PKCS refers to a group of Public Key Cryptography Standards devised and published by RSA laboratories in California. RSA Data Security Inc was assigned the licensing rights for the patent on the RSA asymmetric key algorithm and acquired the licensing rights to several other key patents as well (eg, the Schnorr patent).
As such, RSA Security, and its research division, RSA Labs, were interested in promoting and facilitating the use of public key techniques. To that end, they developed the PKCS standards. They retained control over them, announcing that they would make changes/improvements as they deemed necessary, and so the PKCS standards were not, in a significant sense, actual industry standards despite the name. Some, but not all, have in recent years begun to move into 'standards track' processes with one or more of the standards organizations.
PKCS Standards Summary | |||
---|---|---|---|
Version | Name | Comments | |
PKCS#1 | 2.1 | RSA Cryptography Standard | See RFC 3447. Defines the format of RSA encryption. |
PKCS#2 | - | Withdrawn | No longer active. Covered RSA encryption of message digests, but was merged into PKCS#1. |
PKCS#3 | 1.4 | Diffie-Hellman Key Agreement Standard | |
PKCS#4 | - | Withdrawn | No longer active. Covered RSA key syntax, but was merged into PKCS#1. |
PKCS#5 | 2.0 | Password-based Encryption Standard | See RFC 2898 and PBKDF2. |
PKCS#6 | 1.5 | Extended-Certificate Syntax Standard | Defines extensions to the old v1 X.509 certificate specification. Obsoleted by v3 of the same. |
PKCS#7 | 1.5 | Cryptographic Message Syntax Standard | See RFC 2315. Forms the basis for S/MIME; used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS#10 message). |
PKCS#8 | 1.2 | Private-Key Information Syntax Standard | |
PKCS#9 | 2.0 | Selected Attribute Types | |
PKCS#10 | 1.7 | Certification Request Standard | See RFC 2986. Format of messages sent to a Certification Authority to request certification of a key pair. See certificate signing request. |
PKCS#11 | 2.20 | Cryptographic Token Interface (cryptoki) | An API defining a generic interface to cryptographic tokens (see also Hardware Security Module). |
PKCS#12 | 1.0 | Personal Information Exchange Syntax Standard | Defines a file format commonly used to store private keys with accompanying Public key certificates protected with a password-based symmetric key. |
PKCS#13 | – | Elliptic Curve Cryptography Standard | (Under development) |
PKCS#14 | – | Pseudo-random Number Generation | (Under development) |
PKCS#15 | – | Cryptographic Token Information Format Standard | (Retired) |
See also
References
- Jean-Sébastien Coron, Marc Joye, David Naccache and Pascal Paillier, New Attacks on PKCS#1 v1.5 Encryption, EUROCRYPT 2000, pp69-381.
External links
- RSA Security's page on PKCS (http://www.rsasecurity.com/rsalabs/node.asp?id=2124)