AS 2805.5.2:2009 pdf free download – Electronic funds transfer – Requirements for interfaces
1 Scope
This International Standard establishes five modes of operation for applications of an n-bit block cipher (e.g. protection of data transmission, data storage). The defined modes only provide protection of data confidentiality. Protection of data integrity and requirements for padding the data are not within the scope of this International Standard. Also most modes do not protect the confidentiality of message length information. This International Standard specifies the modes of operation and gives recommendations for choosing values of parameters (as appropriate). The modes of operation specified in this International Standard have been assigned object iden- tifiers in accordance with ISO/IEC 9834. The list of assigned object identifiers is given in Annex A. In applications in which object identifiers are used, the object identifiers specified in An- nex A are to be used in preference to any other object identifiers that may exist for the mode concerned. NOTE Annex B (informative) contains comments on the properties of each mode. Block ciphers are specified in ISO/IEC 18033-3.
3.1 block chaining
encryption of information in such a way that each block of ciphertext is cryptographically de-pendent upon a preceding ciphertext block.
3.2 block cipher
symmetric encryption algorithm with the property that the encryption algorithm operates on a block of plaintext, i.e. a string of bits of a defined length, to yield a block of ciphertext. [ISO/IEC 18033-1]
3.3 ciphertext
data which has been transformed to hide its information content.
3.4 counter
bit array of length n bits (where n is the size of the underlying block cipher) which is used in the Counter mode; its value when considered as the binary representation of an integer increases by one (modulo 2 n ) after each block of plaintext is processed.
5 Requirements
For some of the described modes, padding of the plaintext variables may be required. Padding techniques, although important from a security perspective, are not within the scope of this In- ternational Standard, and throughout this standard it is assumed that any padding, as necessary, has already occurred. NOTE Advice on the selection of a padding method for use with the CBC mode of operation is provided in Annex B.2.3. For the Cipher Block Chaining (CBC) mode of operation (see clause 7), one parameter m needs to be selected. For the Cipher Feedback (CFB) mode of operation (see clause 8), three parameters r, j and k need to be selected. For the Output Feedback (OFB) mode of operation (see clause 9) and the Counter (CTR) mode of operation (see clause 10), one parameter j needs to be selected. When one of these modes of operation is used the same parameter value(s) need to be chosen and used by all communicating parties. These parameters need not be kept secret. All modes of operation specified in this International Standard require the parties encrypting and decrypting a data string to share a secret key K for the block cipher in use. All modes of operation apart from the Electronic Codebook (ECB) mode also require the parties to share a starting variable SV, where the length of SV will depend on the mode in use. The value of the starting variable should normally be different for every data string encrypted using a particular key (see also Annex B). How keys and starting variables are managed and distributed is outside the scope of this International Standard.