PKI

DSA Signature Verification and Validation

Saturday, February 7th, 2009

Signature verification may be performed by any party (i.e., the signatory, the intended recipient or any other party) using the signatory’s public key. A signatory may wish to verify that the computed signature is correct, perhaps before sending the signed message to the intended recipient.

The intended recipient (or any other party) verifies the signature to determine its authenticity.

Prior to verifying the signature of a signed message, the domain parameters, and [..]

Social tagging: certificate authority, ECDSA, electronic digital signature, PKI

Digital Signatures – Key Pair Management

Saturday, February 7th, 2009

The secure use of digital signatures depends on the management of an entity’s digital signature key pair as follows:

The validity of the domain parameters shall be assured prior to the generation of the key pair, or the verification and validation of a digital signature .
Each key pair shall be associated with the domain parameters under which the key pair was generated.
Key pairs shall only be used to generate [..]

Social tagging: PKI, rsa digital signature, secure certificate ssl, security

Cryptographic Module Guidance

Saturday, February 7th, 2009

The requirements in this section are intended to ensure that all entities using the cryptographic module have adequate guidance and procedures to administer and use the module in a secure manner. Guidance documentation consists of administrator and non-administrator guidance.

Administrator guidance is written material that is used by the Crypto Officer and/or other administrative roles for the correct configuration, maintenance, and administration of the cryptographic module. The administrator guidance contains information [..]

Social tagging: encrypt, PKI, ssl encryption

Cryptography – Configuration Management

Friday, February 6th, 2009

Configuration management specifies the security requirements for a configuration management system implemented by a cryptographic module vendor, providing assurance that the integrity of the cryptographic module is preserved by requiring discipline and control in the processes of refinement and modification of the cryptographic module and related documentation.

A configuration management system is put in place to prevent accidental or unauthorized modifications to, and provide change traceability for, the cryptographic module and [..]

Social tagging: PKI, public key cryptography, SHA

Cryptographic Module Specification

Thursday, February 5th, 2009

A cryptographic module shall be a set of hardware and software that implements cryptographic functions or processes, including cryptographic algorithms and, optionally, key generation, and is contained within a defined cryptographic boundary.

In an Approved mode of operation a cryptographic module shall implement at least one Approved or Allowed security function. Certain non-Approved security functions are allowed for use in an Approved mode of operation. Allowed security functions used in an [..]

Social tagging: ciphers, cryptography and network security, PKI

Digital Signature

Friday, January 23rd, 2009

A digital signature is an electronic analogue of a written signature; the digital signature can be used to provide assurance that the claimed signatory signed the information. In addition, a digital signature may be used to detect whether or not the information was modified after it was signed (i.e., to detect the integrity of the signed data). These assurances may be obtained whether the data was received in a transmission [..]

Social tagging: electronic digital signature, encrypt signature, PKI, rsa encryption