< draft-popov-cryptopro-cpalgs-02.txt   draft-popov-cryptopro-cpalgs-03.txt >
Internet Draft Vladimir Popov, CRYPTO-PRO Internet Draft Vladimir Popov, CRYPTO-PRO
Igor Kurepkin, CRYPTO-PRO Igor Kurepkin, CRYPTO-PRO
Expires October 5, 2005 Serguei Leontiev, CRYPTO-PRO Expires January 15, 2006 Serguei Leontiev, CRYPTO-PRO
Intended Category: Informational April 5, 2005 Intended Category: Informational July 15, 2005
Additional cryptographic algorithms for use with GOST 28147-89, Additional cryptographic algorithms for use with GOST 28147-89,
GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms. GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms.
<draft-popov-cryptopro-cpalgs-02.txt> <draft-popov-cryptopro-cpalgs-03.txt>
Status of this Memo Status of this Memo
By submitting this Internet-Draft, I certify that any applicable By submitting this Internet-Draft, each author represents that any
patent or other IPR claims of which I am aware have been disclosed, applicable patent or other IPR claims of which he or she is aware
and any of which I become aware will be disclosed, in accordance with have been or will be disclosed, and any of which he or she becomes
RFC 3668. aware will be disclosed, in accordance with Section 6 of BCP 79.
This document is an Internet Draft and is subject to all provisions Internet-Drafts are working documents of the Internet Engineering
of Section 10 of RFC2026. Internet Drafts are working documents of Task Force (IETF), its areas, and its working groups. Note that
the Internet Engineering Task Force (IETF), its areas, and its other groups may also distribute working documents as Internet-
working groups. Note that other groups may also distribute working Drafts.
documents as Internet Drafts. Internet Drafts are draft documents
valid for a maximum of 6 months and may be updated, replaced, or
obsoleted by other documents at any time. It is inappropriate to use
Internet Drafts as reference material or to cite them other than as a
"work in progress".
The list of current Internet Drafts can be accessed at Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than a "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html
The list of Internet Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
Copyright (C) The Internet Society (2005). All Rights Reserved. Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract Abstract
This document describes the cryptographic algorithms and parameters This document describes the cryptographic algorithms and parameters
supplementary to the original GOST specifications GOST 28147-89, GOST supplementary to the original GOST specifications GOST 28147-89, GOST
R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 for use in internet R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 for use in Internet
applications. applications.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2 1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 2
2 Cipher modes and parameters. . . . . . . . . . . . . . . 3 2 Cipher modes and parameters. . . . . . . . . . . . . . . 3
2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 3 2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 4
2.2 GOST 28147-89 padding modes. . . . . . . . . . . . . . . 4 2.2 GOST 28147-89 padding modes. . . . . . . . . . . . . . . 4
2.3 Key Meshing Algorithms . . . . . . . . . . . . . . . . . 4 2.3 Key Meshing Algorithms . . . . . . . . . . . . . . . . . 4
2.3.1 Null Key Meshing . . . . . . . . . . . . . . . . . . . . 4 2.3.1 Null Key Meshing . . . . . . . . . . . . . . . . . . . . 5
2.3.2 CryptoPro Key Meshing. . . . . . . . . . . . . . . . . . 4 2.3.2 CryptoPro Key Meshing. . . . . . . . . . . . . . . . . . 5
3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 5 3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 6
4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 5 4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 6
5 Key Derivation Algorithms. . . . . . . . . . . . . . . . 5 5 Key Derivation Algorithms. . . . . . . . . . . . . . . . 6
5.1 VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . . 5 5.1 VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . . 6
5.2 VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . . 6 5.2 VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . . 7
6 Key Wrap algorithms. . . . . . . . . . . . . . . . . . . 6 6 Key Wrap algorithms. . . . . . . . . . . . . . . . . . . 7
6.1 GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . . 6 6.1 GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . . 7
6.2 GOST 28147-89 Key Unrap. . . . . . . . . . . . . . . . . 7 6.2 GOST 28147-89 Key Unrap. . . . . . . . . . . . . . . . . 8
6.3 CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . . 7 6.3 CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . . 8
6.4 CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . . 8 6.4 CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . . 9
6.5 CryptoPro KEK Diversification Algorithm. . . . . . . . . 8 6.5 CryptoPro KEK Diversification Algorithm. . . . . . . . . 9
7 Secret Key Diversification . . . . . . . . . . . . . . . 9 7 Secret Key Diversification . . . . . . . . . . . . . . . 9
8 Algorithm parameters . . . . . . . . . . . . . . . . . . 9 8 Algorithm parameters . . . . . . . . . . . . . . . . . . 10
8.1 Encryption algorithm parameters . . . . . . . . . . . . 9 8.1 Encryption algorithm parameters . . . . . . . . . . . . 10
8.2 Digest algorithm parameters. . . . . . . . . . . . . . . 11 8.2 Digest algorithm parameters. . . . . . . . . . . . . . . 11
8.3 GOST R 34.10-94 public key algorithm parameters . . . . 11 8.3 GOST R 34.10-94 public key algorithm parameters . . . . 12
8.4 GOST R 34.10-2001 public key algorithm parameters. . . . 12 8.4 GOST R 34.10-2001 public key algorithm parameters. . . . 13
9 Security Considerations. . . . . . . . . . . . . . . . . 13 9 Security Considerations. . . . . . . . . . . . . . . . . 14
10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14 10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14
11 References . . . . . . . . . . . . . . . . . . . . . . . 49 11 References . . . . . . . . . . . . . . . . . . . . . . . 50
12 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 51 12 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 51
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 51 Author's Addresses. . . . . . . . . . . . . . . . . . . . . . . 52
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 53 Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 53
1 Introduction 1 Introduction
Russian cryptographic standards that define the algorithms GOST Russian cryptographic standards that define the algorithms GOST
28147-89 [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R 28147-89 [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R
34.10-2001 [GOSTR34102001] and GOST R34.11-94 [GOSTR341194] provide 34.10-2001 [GOSTR341001] and GOST R34.11-94 [GOSTR341194] provide
basic information about how the algorithms work, but need basic information about how the algorithms work, but need
supplemental specifications to effectively use the algorithms (a supplemental specifications to effectively use the algorithms (a
brief english technical description of these algorithms can be found brief english technical description of these algorithms can be found
in [Schneier95]). in [Schneier95]).
This document is a proposal put forward by the CRYPT-PRO Company to This document is a proposal put forward by the CRYPT-PRO Company to
provide supplemental information and specifications needed by the provide supplemental information and specifications needed by the
"Russian Cryptographic Software Compatibility Agreement" community. "Russian Cryptographic Software Compatibility Agreement" community.
1.2 Terminology 1.2 Terminology
In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD,
SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described
in [RFC 2119]. in [RFC 2119].
The following functions and operators are also used in this document: The following functions and operators are also used in this document:
'|' stands for concatenation '|' stands for concatenation.
encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in
"prostaya zamena" (ECB) mode "prostaya zamena" (ECB) mode.
decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in
ECB mode ECB mode.
encryptCFB (IV, K, D) - is D, encrypted with key K using GOST encryptCFB (IV, K, D) - is D, encrypted with key K using GOST
28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and 28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and
IV as initialization vector. IV as initialization vector.
encryptCNT (IV, K, D) - is D, encrypted with key K using GOST encryptCNT (IV, K, D) - is D, encrypted with key K using GOST
28147-89 in "gammirovanie" (counter) mode, and IV as initialization 28147-89 in "gammirovanie" (counter) mode, and IV as initialization
vector. vector.
gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash
skipping to change at page 4, line 39 skipping to change at page 4, line 40
There are three padding modes: There are three padding modes:
* Zero padding: 8-x remaining bytes are filled with zero * Zero padding: 8-x remaining bytes are filled with zero
* PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x. * PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x.
If there's no incomplete block, one extra block filled with If there's no incomplete block, one extra block filled with
value 8 is added. value 8 is added.
* Random padding: 8-x remaining bytes of the last block are * Random padding: 8-x remaining bytes of the last block are
set to random. set to random.
2.3 Key Meshing Algorithms 2.3 Key Meshing Algorithms
When there is a need to limit the amount of data enciphered with the Key meshing algorithms transform the key after processing a certain
same key, several key meshing algorithms can be used. Key meshing amount of data. In applications that must be strictly robust to
algorithms transform the key after processing a certain amount of attacks based on timing and EMI analysis one symmetric key should not
data. be used for quantities of plaintext larger than 1024 octets.
Key meshing algorithm affects internal cipher state; it is not a
protocol level feature. Its role is similar to that of a cipher mode.
The choice of key meshing algorithm is usually dictated by the
encryption algorithm parameters, but some protocols explicitly
specify applicable key meshing algorithms.
All encryption parameter sets defined in this document specify the All encryption parameter sets defined in this document specify the
use of CryptoPro key meshing algorithm, except for id- use of CryptoPro key meshing algorithm, except for id-
Gost28147-89-TestParamSet, which specifies use of null key meshing Gost28147-89-TestParamSet, which specifies use of null key meshing
algorithm. algorithm.
2.3.1 Null Key Meshing 2.3.1 Null Key Meshing
The null key meshing algorithm never changes a key. The null key meshing algorithm never changes a key.
skipping to change at page 5, line 16 skipping to change at page 5, line 23
id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) none(0) } { id-CryptoPro-algorithms keyMeshing(14) none(0) }
There are no meaningful parameters to this algorithm. If present, There are no meaningful parameters to this algorithm. If present,
AlgorithmIdentifier.parameters MUST contain NULL. AlgorithmIdentifier.parameters MUST contain NULL.
2.3.2 CryptoPro Key Meshing 2.3.2 CryptoPro Key Meshing
The CryptoPro key meshing algorithm transforms the key and The CryptoPro key meshing algorithm transforms the key and
initialization vector every 1KB of plaintext data. initialization vector every 1024 octets (8192 bits, or 256 64-bit
blocks) of plaintext data.
This algorithm has the same drawback as OFB cipher mode - it is
impossible to re-establish crypto synch while decrypting a
ciphertext, when some parts of encrypted data are corrupted, lost or
processed out of order. Furthermore, it is impossible to re-synch
even if an IV for each data packet is provided explicitly. Use of
this algorithm in such protocols as IPsec ESP requires special care.
The identifier for this algorithm is: The identifier for this algorithm is:
id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) } { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }
There are no meaningful parameters to this algorithm. If present, There are no meaningful parameters to this algorithm. If present,
AlgorithmIdentifier.parameters MUST contain NULL. AlgorithmIdentifier.parameters MUST contain NULL.
Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i = Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i =
0. Let IV[0] be the value of the initialization vector after 0. Let IV[0] be the value of the initialization vector after
processing the first 1K block of data. Encryption or decryption of processing the first 1024 octets of data. Encryption or decryption of
the next 1K data block will start with K[1] and IV0[1], which are the next 1024 octets will start with K[1] and IV0[1], which are
calculated using the formula: calculated using the formula:
K[i+1] = decryptECB (K[i], C); K[i+1] = decryptECB (K[i], C);
IV0[i+1] = encryptECB (K[i+1],IV[i]) IV0[i+1] = encryptECB (K[i+1],IV[i])
Where C = {0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, Where C = {0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B}; 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B};
After processing each 1K block of data: After processing every 1024 octets of data:
* the resulting initialization vector is stored as IV[i]. * the resulting initialization vector is stored as IV[i].
* K[i+1] and IV0[i+1] are calculated * K[i+1] and IV0[i+1] are calculated
* i is incremented. * i is incremented.
* Next block is encrypted or decrypted using the new key and IV. * Encryption or decryption of next 1024 bytes starts, using
the new key and IV.
The process is repeated until all the data has been processed. The process is repeated until all the data has been processed.
3 HMAC_GOSTR3411 3 HMAC_GOSTR3411
HMAC_GOSTR3411 (K,text) function is based on hash function GOST R HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
34.11-94, as defined in [HMAC], with the following parameter values: 34.11-94, as defined in [HMAC], with the following parameter values:
B = 32, L = 32. B = 32, L = 32.
4 PRF_GOSTR3411 4 PRF_GOSTR3411
PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411. PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411.
It is calculated as P_hash, defined in section 5 of [TLS]. It is calculated as P_hash, defined in section 5 of [TLS].
PRF_GOSTR3411(secret,label,seed) = P_GOSTR3411 (secret,label|seed) PRF_GOSTR3411(secret,label,seed) = P_GOSTR3411 (secret,label|seed).
5 Key Derivation Algorithms 5 Key Derivation Algorithms
Standards [GOSTR341094] and [GOSTR34102001] do not define any key Standards [GOSTR341094] and [GOSTR341001] do not define any key
derivation algorithms. derivation algorithms.
Section 5.1 specifies algorithm VKO GOST R 34.10-94, which generates Section 5.1 specifies algorithm VKO GOST R 34.10-94, which generates
GOST KEK using two GOST R 34.10-94 keypairs. GOST KEK using two GOST R 34.10-94 keypairs.
Section 5.2 specifies algorithm VKO GOST R 34.10-2001, which Section 5.2 specifies algorithm VKO GOST R 34.10-2001, which
generates GOST KEK using two GOST R 34.10-2001 keypairs and UKM. generates GOST KEK using two GOST R 34.10-2001 keypairs and UKM.
Keypairs MUST have identical parameters. Keypairs MUST have identical parameters.
5.1 VKO GOST R 34.10-94 5.1 VKO GOST R 34.10-94
This algorithm creates a a key encryption key (KEK) using the This algorithm creates a key encryption key (KEK) using the sender's
sender's private key and the recipient's public key (or vice versa). private key and the recipient's public key (or vice versa).
Exchange key EK is a 256-bit hash of 1024-bit Diffie-Hellman key Exchange key KEK is a 256-bit hash of the 1024-bit shared secret that
K(x,y); is generated using Diffie-Hellman key agreement.
1. Let K(x,y) = a^(x*y) (mod p), where 1) Let K(x,y) = a^(x*y) (mod p), where
x - sender's private key, a^x - sender's public key x - sender's private key, a^x - sender's public key
y - recipient's private key, a^y - recipient's public key y - recipient's private key, a^y - recipient's public key
a, p - parameters 2. Calculate a 256-bit hash of K(x,y): a, p - parameters
KEK(x,y) = gostR3411 (K(x,y)) 2) Calculate a 256-bit hash of K(x,y):
KEK(x,y) = gostR3411 (K(x,y))
Keypairs x and y MUST comply with [GOSTR341094]. Keypairs x and y MUST comply with [GOSTR341094].
This algorithm MUST NOT be used when a^x = a (mod p) or a^y = a (mod This algorithm MUST NOT be used when a^x = a (mod p) or a^y = a (mod
p). p).
5.2 VKO GOST R 34.10-2001 5.2 VKO GOST R 34.10-2001
This algorithm creates a key encryption key (KEK) using 64 bit UKM, This algorithm creates a key encryption key (KEK) using 64 bit UKM,
the sender's private key and the recipient's public key (or the the sender's private key and the recipient's public key (or the
reverse of the latter pair). reverse of the latter pair).
1. Let K(x,y,UKM) = ((UKM*x)(mod q)) . (y.P) (512 bit), where 1) Let K(x,y,UKM) = ((UKM*x)(mod q)) . (y.P) (512 bit), where
x - sender's private key (256 bit) x - sender's private key (256 bit)
x.P - sender's public key (512 bit) x.P - sender's public key (512 bit)
y - recipient's private key (256 bit) y - recipient's private key (256 bit)
y.P - recipient's public key (512 bit) y.P - recipient's public key (512 bit)
UKM - User Keying Material (64 bit) UKM - User Keying Material (64 bit)
P - base point on the elliptic curve (two 256-bit coordinates) P - base point on the elliptic curve (two 256-bit coordinates)
UKM*x - x multiplied by UKM as integers UKM*x - x multiplied by UKM as integers
x.P - a multiple point x.P - a multiple point
2. Calculate a 256-bit hash of K(x,y,UKM): 2) Calculate a 256-bit hash of K(x,y,UKM):
KEK(x,y,UKM) = gostR3411 (K(x,y,UKM)) KEK(x,y,UKM) = gostR3411 (K(x,y,UKM))
Keypairs x and y MUST comply with [GOSTR34102001]. Keypairs x and y MUST comply with [GOSTR341001].
This algorithm MUST NOT be used when x.P = P, y.P = P This algorithm MUST NOT be used when x.P = P, y.P = P
6 Key Wrap algorithms 6 Key Wrap algorithms
This document defines two key wrap algorithms: GOST 28147-89 Key Wrap This document defines two key wrap algorithms: GOST 28147-89 Key Wrap
and CryptoPro Key Wrap. These are used to encrypt a Content Encryption and CryptoPro Key Wrap. These are used to encrypt a Content
Key (CEK) with a Key Encryption Key (KEK). Encryption Key (CEK) with a Key Encryption Key (KEK).
6.1 GOST 28147-89 Key Wrap 6.1 GOST 28147-89 Key Wrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
Note: This algorithm MUST NOT be used with a KEK produced by VKO GOST Note: This algorithm MUST NOT be used with a KEK produced by VKO GOST
R 34.10-94, because such a KEK is constant for every sender-recipient R 34.10-94, because such a KEK is constant for every sender-recipient
pair. Encrypting many different content encryption keys on the same pair. Encrypting many different content encryption keys on the same
constant KEK may reveal that KEK. constant KEK may reveal that KEK.
The identifier for this algorithm is: The identifier for this algorithm is:
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) } { id-CryptoPro-algorithms keyWrap(13) none(0) }
The GOST 28147-89 key wrap algorithm is: The GOST 28147-89 key wrap algorithm is:
1. For a unique symmetric KEK, generate 8 octets at random, 1) For a unique symmetric KEK, generate 8 octets at random, call the
call the result UKM. result UKM. For a KEK, produced by VKO GOST R 34.10-2001, use the
For a KEK, produced by VKO GOST R 34.10-2001, use the UKM UKM that was used for key derivation.
that was used for key derivation. 2) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK).
2. Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK).
Call the result CEK_MAC. Call the result CEK_MAC.
3. Encrypt the CEK in ECB mode using the KEK. 3) Encrypt the CEK in ECB mode using the KEK. Call the ciphertext
Call the ciphertext CEK_ENC. CEK_ENC.
4. Let RES = UKM | CEK_ENC | CEK_MAC. 4) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC).
6.2 GOST 28147-89 Key Unwrap 6.2 GOST 28147-89 Key Unwrap
This algorithm decrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm decrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
The GOST 28147-89 key unwrap algorithm is: The GOST 28147-89 key unwrap algorithm is:
1. If the wrapped content-encryption key is not 44 octets, then 1) If the wrapped content-encryption key is not 44 octets, then
error. error.
2. Decompose the the wrapped content-encryption key into UKM, 2) Decompose the the wrapped content-encryption key into UKM,
CEK_ENC CEK_ENC and CEK_MAC. UKM is the most significant (first) 8
and CEK_MAC. UKM is the most significant (first) 8 octets. octets. CEK_ENC is next 32 octets, and CEK_MAC is the least
CEK_ENC significant (last) 4 octets.
is next 32 octets, and CEK_MAC is the least significant (last) 4 3) Decrypt CEK_ENC in ECB mode using the KEK. Call the output CEK.
octets. 4) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK),
3. Decrypt CEK_ENC in ECB mode using the KEK.
Call the output CEK.
4. Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK),
compare the result with CEK_MAC. If not equal, then error. compare the result with CEK_MAC. If not equal, then error.
6.3 CryptoPro Key Wrap 6.3 CryptoPro Key Wrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
It can be used with any KEK (e.g. produced by VKO GOST R 34.10-94 or It can be used with any KEK (e.g. produced by VKO GOST R 34.10-94 or
VKO GOST R 34.10-2001) because unique UKM is used to diversify the VKO GOST R 34.10-2001) because unique UKM is used to diversify the
KEK. KEK.
Identifier for this algorithm: Identifier for this algorithm:
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) } { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
The CryptoPro key wrap algorithm is: The CryptoPro key wrap algorithm is:
1. For a unique symmetric KEK or a KEK produced by VKO GOST R 1) For a unique symmetric KEK or a KEK produced by VKO GOST R
34.10-94, 34.10-94, generate 8 octets at random. Call the result UKM. For
generate 8 octets at random. Call the result UKM. a KEK, produced by VKO GOST R 34.10-2001, use the UKM that was
For a KEK, produced by VKO GOST R 34.10-2001, use the UKM used for key derivation.
that was used for key derivation. 2) Diversify KEK, using the CryptoPro KEK Diversification Algorithm,
2. Diversify KEK, using the CryptoPro KEK Diversification Algorithm,
described in section 6.5. Call the result KEK(UKM). described in section 6.5. Call the result KEK(UKM).
3. Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM), 3) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM),
CEK). CEK). Call the result CEK_MAC.
Call the result CEK_MAC. 4) Encrypt CEK in ECB mode using KEK(UKM). Call the ciphertext
4. Encrypt CEK in ECB mode using KEK(UKM). Call the ciphertext CEK_ENC.
CEK_ENC. 5) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC).
5. Let RES = UKM | CEK_ENC | CEK_MAC.
6.4 CryptoPro Key Unrap 6.4 CryptoPro Key Unrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
The CryptoPro key unwrap algorithm is: The CryptoPro key unwrap algorithm is:
1. If the wrapped content-encryption key is not 44 octets, then 1) If the wrapped content-encryption key is not 44 octets, then
error. error.
2. Decompose the the wrapped content-encryption key into UKM, 2) Decompose the the wrapped content-encryption key into UKM,
CEK_ENC CEK_ENC and CEK_MAC. UKM is the most significant (first) 8
and CEK_MAC. UKM is the most significant (first) 8 octets. octets. CEK_ENC is next 32 octets, and CEK_MAC is the least
CEK_ENC significant (last) 4 octets.
is next 32 octets, and CEK_MAC is the least significant (last) 3) Diversify KEK using the CryptoPro KEK Diversification Algorithm,
4 octets.
3. Diversify KEK using the CryptoPro KEK Diversification Algorithm,
described in section 6.5. Call the result KEK(UKM). described in section 6.5. Call the result KEK(UKM).
4. Decrypt CEK_ENC in ECB mode using KEK(UKM). 4) Decrypt CEK_ENC in ECB mode using KEK(UKM). Call the output CEK.
Call the output CEK. 5) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM),
5. Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM), CEK), compare the result with CEK_MAC. If not equal, then error.
CEK),
compare the result with CEK_MAC. If not equal, then error.
6.5 CryptoPro KEK Diversification Algorithm 6.5 CryptoPro KEK Diversification Algorithm
Given a random 64-bit UKM, and a GOST 28147-89 key K, this algorithm Given a random 64-bit UKM, and a GOST 28147-89 key K, this algorithm
creates a new GOST 28147-89 key K(UKM). creates a new GOST 28147-89 key K(UKM).
1. Let K[0] = K; 1) Let K[0] = K;
2. UKM is split into components a[i,j]: 2) UKM is split into components a[i,j]:
UKM = a[0]|..|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits) UKM = a[0]|..|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)
3. Let i be 0. 3) Let i be 0.
4. K[1]..K[8] are calculated by repeating the 4) K[1]..K[8] are calculated by repeating the
following algorithm eight times: following algorithm eight times:
A) K[i] is split into components k[i,j]: A) K[i] is split into components k[i,j]:
K[i] = k[i,0]|k[i,1]|..|k[i,7] (k[i,j] - 32-bit integer) K[i] = k[i,0]|k[i,1]|..|k[i,7] (k[i,j] - 32-bit integer)
B) Vector S[i] is calculated: B) Vector S[i] is calculated:
S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32) S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32)
| ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32); | ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32);
C) K[i+1] = encryptCFB (S[i], K[i], K[i]) C) K[i+1] = encryptCFB (S[i], K[i], K[i])
D) i = i + 1 D) i = i + 1
5. Let K(UKM) be K[8]. 5) Let K(UKM) be K[8].
7 Secret Key Diversification 7 Secret Key Diversification
This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94 This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94
or GOST R 34.10-2001 secret key K and diversification data D of size or GOST R 34.10-2001 secret key K and diversification data D of size
4..40 bytes. 4..40 bytes.
1) 40-byte blob B is created from D by cloning it enough times to 1) 40-byte blob B is created from D by cloning it enough times to
fill all 40 bytes. For example, if D is 40-bytes long, B = D; If D is fill all 40 bytes. For example, if D is 40-bytes long, B = D; If
4-bytes long, B = D|D|D|D|D|D|D|D|D|D. D is 4-bytes long, B = D|D|D|D|D|D|D|D|D|D.
2) B is split into 8-byte UKM and 32-byte SRCKEY (B = UKM|SRCKEY). 2) B is split into 8-byte UKM and 32-byte SRCKEY (B = UKM|SRCKEY).
3) The algorithm from section 6.5 is used to create K(UKM) from key K 3) The algorithm from section 6.5 is used to create K(UKM) from key
and UKM with two differences: K and UKM with two differences:
* Instead of S[i], vector (0,0,0,UKM[i],ff,ff,ff,ff XOR UKM[i]) is * Instead of S[i], vector (0,0,0,UKM[i],ff,ff,ff,ff XOR UKM[i])
used. is used.
* During each encryption step, only 8 out of 32 GOST 28147-89 steps * During each encryption step, only 8 out of 32 GOST 28147-89
are done. rounds are done.
4) Kd is calculated: 4) Kd is calculated:
Kd = encryptCFB (UKM, K(UKM), SRCKEY). Kd = encryptCFB (UKM, K(UKM), SRCKEY).
8 Algorithm parameters 8 Algorithm parameters
Standards [GOST28147], [GOST341194], [GOSTR341094] and Standards [GOST28147], [GOST341194], [GOSTR341094] and [GOSTR341001]
[GOSTR34102001] do not define specific values for algorithm do not define specific values for algorithm parameters.
parameters.
This document introduces the use of OIDs to specify algorithm This document introduces the use of ASN.1 object identifiers (OIDs)
parameters. to specify algorithm parameters.
Identifiers and corresponding parameter values for all of the Identifiers and corresponding parameter values for all of the
proposed parameter sets can be found in the Appendix in the form of proposed parameter sets can be found in the Appendix in the form of
ASN.1 modules [X.660]. ASN.1 modules [X.660].
8.1 Encryption algorithm parameters 8.1 Encryption algorithm parameters
GOST 28147-89 can be used in several modes, additional CBC mode is GOST 28147-89 can be used in several modes, additional CBC mode is
defined in section 2.1 this document. It also has an S-Box parameter defined in section 2.1 this document. It also has an S-Box parameter
(see Algorithm Parameters part in [GOST28147] in Russian, description (see Algorithm Parameters part in [GOST28147] in Russian, description
skipping to change at page 12, line 25 skipping to change at page 12, line 30
Parameters for [GOST341194] are presented in the following form: Parameters for [GOST341194] are presented in the following form:
GostR3411-94-ParamSetParameters ::= GostR3411-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
hUZ Gost28147-89-UZ, -- S-Box for digest hUZ Gost28147-89-UZ, -- S-Box for digest
h0 GostR3411-94-Digest -- start digest value h0 GostR3411-94-Digest -- start digest value
} }
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
6.3 GOST R 34.10-94 public key algorithm parameters 8.3 GOST R 34.10-94 public key algorithm parameters
This table contains the list of proposed parameter sets for GOST R This table contains the list of proposed parameter sets for GOST R
34.10-94: 34.10-94:
GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-TestParamSet } | id-GostR3410-94-TestParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-A-ParamSet } | id-GostR3410-94-CryptoPro-A-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
skipping to change at page 14, line 29 skipping to change at page 14, line 33
} }
a, b - coefficients a and b of the elliptic curve E; a, b - coefficients a and b of the elliptic curve E;
p - prime number - elliptic curve modulus; p - prime number - elliptic curve modulus;
q - prime number - order of cyclic group; q - prime number - order of cyclic group;
x, y - base point p coordinates. x, y - base point p coordinates.
9 Security Considerations 9 Security Considerations
It is RECCOMENDED that software applications verify signature values, It is RECCOMENDED that software applications verify signature values,
subject public keys, and algorithm parameters to conform to subject public keys and algorithm parameters to conform to
[GOSTR34102001], [GOSTR341094] standards prior to their use. [GOSTR341001], [GOSTR341094] standards prior to their use.
Cryptographic algorithm parameters affect rigidity of algorithms. Cryptographic algorithm parameters affect rigidity of algorithms.
The algorithm parameters proposed and described herein have been The algorithm parameters proposed and described herein have been
analyzed by special certification laboratory of Scientific and analyzed by special certification laboratory of Scientific and
Technical Center "ATLAS" and by Center of Certificational Technical Center "ATLAS" and by Center of Certificational
Investigations in appropriate levels of target_of_evaluation (TOE), Investigations in appropriate levels of target_of_evaluation (TOE),
according to [RFDSL], [RFLLIC] and [CRYPTOLIC]. according to [RFDSL], [RFLLIC] and [CRYPTOLIC].
Use of different parameter sets is NOT RECOMENDED. When different Use of different parameter sets is NOT RECOMENDED. When different
parameters are used it is RECCOMENDED to subject them to examination parameters are used it is RECCOMENDED to subject them to examination
skipping to change at page 18, line 50 skipping to change at page 19, line 5
SEQUENCE { SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key OPTI maskKey [0] IMPLICIT Gost28147-89-Key OPTI
ONAL, ONAL,
macKey Gost28147-89-MAC (SIZE (4)) macKey Gost28147-89-MAC (SIZE (4))
} }
Gost28147-89-BlobParameters ::= Gost28147-89-BlobParameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for id-Gost28147-89-TestParamSet |
testing purposes -- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
), ),
... ...
} }
-- GOST 28147-89 encryption algorithm parameters -- GOST 28147-89 encryption algorithm parameters
Gost28147-89-Parameters ::= Gost28147-89-Parameters ::=
SEQUENCE { SEQUENCE {
iv Gost28147-89-IV, iv Gost28147-89-IV,
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for test id-Gost28147-89-TestParamSet |
ing purposes -- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) )
} }
skipping to change at page 27, line 37 skipping to change at page 27, line 42
id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes test(0) } { id-CryptoPro-hashes test(0) }
id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes cryptopro(1) } { id-CryptoPro-hashes cryptopro(1) }
-- GOST R 34.11-94 data types -- GOST R 34.11-94 data types
GostR3411-94-Data ::= Gost28147-89-Data GostR3411-94-Data ::= Gost28147-89-Data
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
-- GOST R 34.11-94 digest algorithm & parameters -- GOST R 34.11-94 digest algorithm & parameters
GostR3411-94-DigestParameters ::= GostR3411-94-DigestParameters ::=
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for testing id-GostR3411-94-TestParamSet |
purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
) )
GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-GostR3411-94 } | { NULL IDENTIFIED BY id-GostR3411-94 } |
-- Assume id-GostR3411-94-CryptoProParamSet -- Assume id-GostR3411-94-CryptoProParamSet
{ GostR3411-94-DigestParameters { GostR3411-94-DigestParameters
IDENTIFIED BY id-GostR3411-94 } IDENTIFIED BY id-GostR3411-94 }
} }
END -- GostR3411-94-DigestSyntax END -- GostR3411-94-DigestSyntax
10.5 GostR3411-94-ParamSetSyntax 10.5 GostR3411-94-ParamSetSyntax
GostR3411-94-ParamSetSyntax GostR3411-94-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 } other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
skipping to change at page 31, line 23 skipping to change at page 31, line 26
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
; ;
-- GOST R 34.10-94 OIDs -- GOST R 34.10-94 OIDs
id-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3410-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-94(20) } { id-CryptoPro-algorithms gostR3410-94(20) }
id-GostR3410-94DH OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-94DH(99) }
id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms { id-CryptoPro-algorithms
gostR3411-94-with-gostR3410-94(4) } gostR3411-94-with-gostR3410-94(4) }
-- GOST R 34.10-94 public key parameter set OIDs -- GOST R 34.10-94 public key parameter set OIDs
id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs test(0) } { id-CryptoPro-signs test(0) }
id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-A(2) } { id-CryptoPro-signs cryptopro-A(2) }
id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-B(3) } { id-CryptoPro-signs cryptopro-B(3) }
skipping to change at page 32, line 5 skipping to change at page 32, line 10
-- GOST R 34.10-94 data types -- GOST R 34.10-94 data types
GostR3410-94-CertificateSignature ::= GostR3410-94-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-94-PublicKeyOctetString ::= GostR3410-94-PublicKeyOctetString ::=
OCTET STRING ( SIZE( OCTET STRING ( SIZE(
64 | -- Only for testing purposes 64 | -- Only for testing purposes
128 128
) ) ) )
GostR3410-94-PublicKey ::= GostR3410-94-PublicKey ::=
BIT STRING ( SIZE(16..1048) ) BIT STRING ( SIZE(16..1048) )
-- Container for GostR3410-94-PublicKeyOcte -- Container for GostR3410-94-PublicKeyOctetString
tString
GostR3410-94-PublicKeyParameters ::= GostR3410-94-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-94-TestParamSet | -- Only for id-GostR3410-94-TestParamSet |
testing purposes -- Only for testing purposes
id-GostR3410-94-CryptoPro-A-ParamSet | id-GostR3410-94-CryptoPro-A-ParamSet |
id-GostR3410-94-CryptoPro-B-ParamSet | id-GostR3410-94-CryptoPro-B-ParamSet |
id-GostR3410-94-CryptoPro-C-ParamSet | id-GostR3410-94-CryptoPro-C-ParamSet |
id-GostR3410-94-CryptoPro-D-ParamSet | id-GostR3410-94-CryptoPro-D-ParamSet |
id-GostR3410-94-CryptoPro-XchA-ParamSet | id-GostR3410-94-CryptoPro-XchA-ParamSet |
id-GostR3410-94-CryptoPro-XchB-ParamSet | id-GostR3410-94-CryptoPro-XchB-ParamSet |
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchC-ParamSet
), ),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for id-GostR3411-94-TestParamSet |
testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
), ),
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for id-Gost28147-89-TestParamSet |
testing purposes -- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL ) OPTIONAL
} }
skipping to change at page 33, line 49 skipping to change at page 34, line 4
id-GostR3410-94-CryptoPro-XchB-ParamSet, id-GostR3410-94-CryptoPro-XchB-ParamSet,
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchC-ParamSet
FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax
AlgorithmIdentifier AlgorithmIdentifier
FROM PKIX1Explicit88 {iso(1) identified-organization(3) FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)} id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST R 34.10-94 public key parameter sets: -- GOST R 34.10-94 public key parameter sets:
-- OIDs for parameter sets are imported from GostR3410-94-PKISynt -- OIDs for parameter sets are imported from GostR3410-94-PKISynt
ax ax
GostR3410-94-ParamSetParameters ::= GostR3410-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER (512 | 1024), -- 512 - only for testing p t INTEGER (512 | 1024),
-- 512 - only for testing purposes
urposes
p INTEGER ( p INTEGER (
1675975991242824637446753124775730765934920 1675975991242824637446753124775730765934920
7275740491722154451804652205037591933721002342872708629284612539822 7275740491722154451804652205037591933721002342872708629284612539822
73310756356719235351493321243304206125760513 73310756356719235351493321243304206125760513
.. ..
1340780792994259709957402499820584612747936 1340780792994259709957402499820584612747936
5820592393377723561443721764030073546976801874298166903427690031858 5820592393377723561443721764030073546976801874298166903427690031858
186486050853753882811946569946433649006084095 186486050853753882811946569946433649006084095
| |
1123558209288947442330815744243140458511235 1123558209288947442330815744243140458511235
6118389416079589380072358292237843810195794279832650471001320007117 6118389416079589380072358292237843810195794279832650471001320007117
4919620848536743605509010389058029644149671327736104933390540928297 4919620848536743605509010389058029644149671327736104933390540928297
6888872507788088246581768450531286055238441764640393009211956940880 6888872507788088246581768450531286055238441764640393009211956940880
1702322709406917786643639996702871154982269052209770601514008577 1702322709406917786643639996702871154982269052209770601514008577
.. ..
1797693134862315907729305190789024733617976 1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387 9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276 9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408 3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137215 27237163350510684586298239947245938479716304835356329624224137215
), -- 2^509 < p < 2^512 or 2^1020 < p ),
< 2^1024 -- 2^509 < p < 2^512 or 2^1020 < p < 2^1024
q INTEGER ( q INTEGER (
2894802230932904885589274625217197696331749 2894802230932904885589274625217197696331749
6166410141009864396001978282409985 6166410141009864396001978282409985
.. ..
1157920892373161954235709850086879078532699 1157920892373161954235709850086879078532699
84665640564039457584007913129639935 84665640564039457584007913129639935
), -- 2^254 < q < 2^256 ),
-- 2^254 < q < 2^256
a INTEGER ( a INTEGER (
2 2
.. ..
1797693134862315907729305190789024733617976 1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387 9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276 9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408 3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137214 27237163350510684586298239947245938479716304835356329624224137214
), -- 1 < a < p-1 < 2^1024-1 ),
-- 1 < a < p-1 < 2^1024-1
validationAlgorithm validationAlgorithm
AlgorithmIdentifier OPTIONAL AlgorithmIdentifier OPTIONAL
-- {{ GostR3410-94-ValidationAlgorithms }} -- {{ GostR3410-94-ValidationAlgorithms }}
} }
GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-TestParamSet } | id-GostR3410-94-TestParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-A-ParamSet } | id-GostR3410-94-CryptoPro-A-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-B-ParamSet } | id-GostR3410-94-CryptoPro-B-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-C-ParamSet } | id-GostR3410-94-CryptoPro-C-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-D-ParamSet } | id-GostR3410-94-CryptoPro-D-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchA-ParamSet } id-GostR3410-94-CryptoPro-XchA-ParamSet } |
|
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchB-ParamSet } id-GostR3410-94-CryptoPro-XchB-ParamSet } |
|
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchC-ParamSet } id-GostR3410-94-CryptoPro-XchC-ParamSet }
} }
-- GOST R 34.10-94 validation/constructor -- GOST R 34.10-94 validation/constructor
id-GostR3410-94-a OBJECT IDENTIFIER ::= id-GostR3410-94-a OBJECT IDENTIFIER ::=
{ id-GostR3410-94 a(1) } { id-GostR3410-94 a(1) }
id-GostR3410-94-aBis OBJECT IDENTIFIER ::= id-GostR3410-94-aBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 aBis(2) } { id-GostR3410-94 aBis(2) }
id-GostR3410-94-b OBJECT IDENTIFIER ::= id-GostR3410-94-b OBJECT IDENTIFIER ::=
{ id-GostR3410-94 b(3) } { id-GostR3410-94 b(3) }
id-GostR3410-94-bBis OBJECT IDENTIFIER ::= id-GostR3410-94-bBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 bBis(4) } { id-GostR3410-94 bBis(4) }
skipping to change at page 36, line 40 skipping to change at page 36, line 44
t 512, t 512,
p 124915547966163973920072918453616810199 p 124915547966163973920072918453616810199
8078908472884630401364679546630263334642577236927706463888185842887 8078908472884630401364679546630263334642577236927706463888185842887
9662416202925770315709968465491470753112581700067, 9662416202925770315709968465491470753112581700067,
q 690083979912374782185295287117535788574 q 690083979912374782185295287117535788574
64356221556536838757636132646301588781, 64356221556536838757636132646301588781,
a 830582195677962819385275050881175724488 a 830582195677962819385275050881175724488
9982632821843521491035713173371468528798753831744267407230704527461 9982632821843521491035713173371468528798753831744267407230704527461
062321732669034432746173786958142572929772413468, 062321732669034432746173786958142572929772413468,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-a, id-GostR3410-94-a,
parameters parameters
GostR3410-94-ValidationParameters: GostR3410-94-ValidationParameters: {
{ x0 24265,
x0 24265, c 29505,
c 29505, d 2
d 2 }
}
} }
} }
} }
-- CryptoPro parameters -- CryptoPro parameters
gostR3410-94-CryptoPro-A-ParamSetAI gostR3410-94-CryptoPro-A-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-A-ParamSet, id-GostR3410-94-CryptoPro-A-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 127021248288932417465907042777176443525 p 127021248288932417465907042777176443525
skipping to change at page 37, line 29 skipping to change at page 37, line 32
83, 83,
q 683631961449557007844441656118272528951 q 683631961449557007844441656118272528951
02170888761442055095051287550314083023, 02170888761442055095051287550314083023,
a 100997906755055304772081815535925224869 a 100997906755055304772081815535925224869
8410825720534578748235158755771479905292727772441528526992987964833 8410825720534578748235158755771479905292727772441528526992987964833
5669968284202797289605274717317548059048560713474685214192868091256 5669968284202797289605274717317548059048560713474685214192868091256
1502802222185647539190902656116367847270145019066794290930185446216 1502802222185647539190902656116367847270145019066794290930185446216
3997308722217328898303231940973554032134009725883228768509467406639 3997308722217328898303231940973554032134009725883228768509467406639
62, 62,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 1376285941,
x0 1376285941, c 3996757427
c 3996757427 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-B-ParamSetAI gostR3410-94-CryptoPro-B-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-B-ParamSet, id-GostR3410-94-CryptoPro-B-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 38, line 15 skipping to change at page 38, line 17
63, 63,
q 798851416634109768976271189357563237473 q 798851416634109768976271189357563237473
07951916507639758300472692338873533959, 07951916507639758300472692338873533959,
a 429418261486158041438734477379555023926 a 429418261486158041438734477379555023926
7234596860714306679811299408947123142002706038521669956384871995765 7234596860714306679811299408947123142002706038521669956384871995765
7284814898909770759462613437669456364882730370838934791080835932647 7284814898909770759462613437669456364882730370838934791080835932647
9767786019153434744009610342313166725786869204821949328786333602033 9767786019153434744009610342313166725786869204821949328786333602033
8479709268434224762105576023501613261478065276102850944540333865234 8479709268434224762105576023501613261478065276102850944540333865234
1, 1,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 1536654555,
x0 1536654555, c 1855361757,
c 1855361757, d 144086293861400145676554902
d 14408629386140014567655 9392820565478578022414617829967020177130599747551043947399151406115
4902939282056547857802241461782996702017713059974755104394739915140 2847910244390627357883427448541206016603039262038677035568280058957
6115284791024439062735788342744854120601660303926203867703556828005 203818114895398976594425537561271800850306
8957203818114895398976594425537561271800850306 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-C-ParamSetAI gostR3410-94-CryptoPro-C-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-C-ParamSet, id-GostR3410-94-CryptoPro-C-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 39, line 6 skipping to change at page 39, line 7
01, 01,
q 113468861199819350564868233378875198043 q 113468861199819350564868233378875198043
267947776488510997961231672532899549103, 267947776488510997961231672532899549103,
a 816552717970881016017893191415300348226 a 816552717970881016017893191415300348226
2544051353358162468249467681876621283478212884286545844013955142622 2544051353358162468249467681876621283478212884286545844013955142622
2087723485023722868022275009502224827866201744494021697716482008353 2087723485023722868022275009502224827866201744494021697716482008353
6398202298024892620480898699335508064332313529725332208819456895108 6398202298024892620480898699335508064332313529725332208819456895108
5155178100221003459370588291073071186553005962149936840737128710832 5155178100221003459370588291073071186553005962149936840737128710832
3, 3,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 1132758852,
x0 1132758852, c 3037364845,
c 3037364845, d 9175906676429839327
d 9175906676429839327 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-D-ParamSetAI gostR3410-94-CryptoPro-D-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-D-ParamSet, id-GostR3410-94-CryptoPro-D-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 39, line 42 skipping to change at page 39, line 42
9, 9,
q 108988435796353506912374591498972192620 q 108988435796353506912374591498972192620
190487557619582334771735390599299211593, 190487557619582334771735390599299211593,
a 756976611021707301782128757801610628085 a 756976611021707301782128757801610628085
5283803109571158829574281419208532589041660017017859858216341400371 5283803109571158829574281419208532589041660017017859858216341400371
4687551412794400562878935266630754392677014598582103365983119173924 4687551412794400562878935266630754392677014598582103365983119173924
4732511225464712252386803315902707727668715343476086350472025298282 4732511225464712252386803315902707727668715343476086350472025298282
7271461690125050616858238384366331089777463541013033926723743254833 7271461690125050616858238384366331089777463541013033926723743254833
7, 7,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 333089693,
x0 333089693, c 2699681355,
c 2699681355, d 691588776390130148119174466
d 69158877639013014811917 5240278894786443822142755842460366243252
44665240278894786443822142755842460366243252 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-XchA-ParamSetAI gostR3410-94-CryptoPro-XchA-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchA-ParamSet, id-GostR3410-94-CryptoPro-XchA-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 40, line 32 skipping to change at page 40, line 31
39, 39,
q 917715298965546059455881490183827502172 q 917715298965546059455881490183827502172
96858393520724172743325725474374979801, 96858393520724172743325725474374979801,
a 133531813272720673433859519948319001217 a 133531813272720673433859519948319001217
9423759678474868994823595993696425287347124615904033277318214103280 9423759678474868994823595993696425287347124615904033277318214103280
1252925387191478859899310331056774413619636480306472137782665689868 1252925387191478859899310331056774413619636480306472137782665689868
6468463277710150809401182608770201615324990468332931294920912776241 6468463277710150809401182608770201615324990468332931294920912776241
1378780302243557466062839716593764268326742697808800616315281634758 1378780302243557466062839716593764268326742697808800616315281634758
87, 87,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 3495862036,
x0 3495862036, c 1177570399,
c 1177570399, d 354788961024091889513964706
d 35478896102409188951396 4772083281962391865341410582282334567466222018672580177997251216990
4706477208328196239186534141058228233456746622201867258017799725121 5264460862437764160334831107459
69905264460862437764160334831107459 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-XchB-ParamSetAI gostR3410-94-CryptoPro-XchB-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchB-ParamSet, id-GostR3410-94-CryptoPro-XchB-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 41, line 21 skipping to change at page 41, line 19
33, 33,
q 910967139180262691658231805060355567362 q 910967139180262691658231805060355567362
87694981825930883887968885281641595199, 87694981825930883887968885281641595199,
a 889086472782842315169999580187575789103 a 889086472782842315169999580187575789103
1463338652579140051973659304813144068585706736982940794774449630665 1463338652579140051973659304813144068585706736982940794774449630665
6291505503608252399443790027238674914599623086783222866197754399281 6291505503608252399443790027238674914599623086783222866197754399281
6745254823298629859875357546628605173883785473616768576901778033580 6745254823298629859875357546628605173883785473616768576901778033580
4511440773337196253842353291939447787366475282450998661787899244317 4511440773337196253842353291939447787366475282450998661787899244317
7, 7,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 2046851076,
x0 2046851076, c 3541716983,
c 3541716983, d 573326676109894760566159697
d 57332667610989476056615 28891533566058787317492748441827236576904274546146
969728891533566058787317492748441827236576904274546146 }
} }
}
} }
} }
-- --
gostR3410-94-CryptoPro-XchC-ParamSetAI gostR3410-94-CryptoPro-XchC-ParamSetAI
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchC-ParamSet, id-GostR3410-94-CryptoPro-XchC-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
skipping to change at page 42, line 4 skipping to change at page 41, line 49
t 1024, t 1024,
p 124699636699347751360714726579406443620 p 124699636699347751360714726579406443620
3408861395055989217248455729987073769899965148066236472399285932086 3408861395055989217248455729987073769899965148066236472399285932086
8822848751165438350943327664722262594061556058045004094721182602772 8822848751165438350943327664722262594061556058045004094721182602772
9977563540237169063044807971577164944777844700059741903245772222625 9977563540237169063044807971577164944777844700059741903245772222625
3269698374446528353527293043937461065763833491510017159309241154995 3269698374446528353527293043937461065763833491510017159309241154995
49, 49,
q 678787613733659123438029502006568252711 q 678787613733659123438029502006568252711
81294680501479431146754294748422492761, 81294680501479431146754294748422492761,
a 443061846429758418247313503080985932686 a 443061846429758418247313503080985932686
3990650118941756995270074860997318142695023523962323911055745082691 3990650118941756995270074860997318142695023523962323911055745082691
9295792878938752101867704718162325102751695310043185596483760265782 9295792878938752101867704718162325102751695310043185596483760265782
7828194249605561893696586532551313719448313624777365346841011879674 7828194249605561893696586532551313719448313624777365346841011879674
0709840825496997937556072234510670472108602597930996876319307290833 0709840825496997937556072234510670472108602597930996876319307290833
4, 4,
validationAlgorithm { validationAlgorithm {
algorithm algorithm
id-GostR3410-94-bBis, id-GostR3410-94-bBis,
parameters parameters
GostR3410-94-ValidationBisParameter GostR3410-94-ValidationBisParameters: {
s: { x0 371898640,
x0 371898640, c 2482514131,
c 2482514131, d 393411701713094918946116909
d 39341170171309491894611 229454740026575590650016887148241594213466186452691964676993
6909229454740026575590650016887148241594213466186452691964676993 }
} }
}
} }
} }
END -- GostR3410-94-ParamSetSyntax END -- GostR3410-94-ParamSetSyntax
10.8 GostR3410-2001-PKISyntax 10.8 GostR3410-2001-PKISyntax
GostR3410-2001-PKISyntax GostR3410-2001-PKISyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 } other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 }
DEFINITIONS ::= DEFINITIONS ::=
skipping to change at page 43, line 21 skipping to change at page 43, line 17
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
; ;
-- GOST R 34.10-2001 OIDs -- GOST R 34.10-2001 OIDs
id-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3410-2001 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-2001(19) } { id-CryptoPro-algorithms gostR3410-2001(19) }
id-GostR3410-2001DH OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-2001DH(98) }
id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms { id-CryptoPro-algorithms
gostR3411-94-with-gostR3410-2001(3) } gostR3411-94-with-gostR3410-2001(3) }
-- GOST R 34.10-2001 public key parameter set OIDs -- GOST R 34.10-2001 public key parameter set OIDs
id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs test(0) } { id-CryptoPro-ecc-signs test(0) }
id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs cryptopro-A(1) } { id-CryptoPro-ecc-signs cryptopro-A(1) }
id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs cryptopro-B(2) } { id-CryptoPro-ecc-signs cryptopro-B(2) }
skipping to change at page 43, line 46 skipping to change at page 43, line 44
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-exchanges cryptopro-XchB(1) } { id-CryptoPro-ecc-exchanges cryptopro-XchB(1) }
-- GOST R 34.10-2001 Data Types -- GOST R 34.10-2001 Data Types
GostR3410-2001-CertificateSignature ::= GostR3410-2001-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-2001-PublicKeyOctetString ::= GostR3410-2001-PublicKeyOctetString ::=
OCTET STRING ( SIZE(64) ) OCTET STRING ( SIZE(64) )
GostR3410-2001-PublicKey ::= GostR3410-2001-PublicKey ::=
BIT STRING ( SIZE(16..524) ) BIT STRING ( SIZE(16..524) )
-- Container for GostR3410-2001-PublicKeyOc -- Container for GostR3410-2001-PublicKeyOctetString
tetString
GostR3410-2001-PublicKeyParameters ::= GostR3410-2001-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-2001-TestParamSet | -- Only for id-GostR3410-2001-TestParamSet |
testing purposes -- Only for testing purposes
id-GostR3410-2001-CryptoPro-A-ParamSet | id-GostR3410-2001-CryptoPro-A-ParamSet |
id-GostR3410-2001-CryptoPro-B-ParamSet | id-GostR3410-2001-CryptoPro-B-ParamSet |
id-GostR3410-2001-CryptoPro-C-ParamSet | id-GostR3410-2001-CryptoPro-C-ParamSet |
id-GostR3410-2001-CryptoPro-XchA-ParamSet | id-GostR3410-2001-CryptoPro-XchA-ParamSet |
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
), ),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for id-GostR3411-94-TestParamSet |
testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
), ),
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for id-Gost28147-89-TestParamSet |
testing purposes -- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL ) OPTIONAL
} }
skipping to change at page 47, line 7 skipping to change at page 47, line 4
gostR3410-2001-TestParamSet gostR3410-2001-TestParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-TestParamSet, id-GostR3410-2001-TestParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 7, a 7,
b 4330887654676727690576590459565093199594211 b 4330887654676727690576590459565093199594211
1794451039583252968842033849580414, 1794451039583252968842033849580414,
-- 5FBFF498AA938CE739B8E022FBAFEF40563F6E6A -- 5FBFF498AA938CE739B8E022FBAFEF40
3472FC2A514C0CE9DAE23B7E -- 563F6E6A3472FC2A514C0CE9DAE23B7E
p 5789604461865809771178549250434395392663499 p 5789604461865809771178549250434395392663499
2332820282019728792003956564821041, 2332820282019728792003956564821041,
-- 8000000000000000000000000000000000000000 -- 80000000000000000000000000000000
000000000000000000000431 -- 00000000000000000000000000000431
q 5789604461865809771178549250434395392708293 q 5789604461865809771178549250434395392708293
4583725450622380973592137631069619, 4583725450622380973592137631069619,
-- 8000000000000000000000000000000150FE8A18 -- 8000000000000000000000000000000150FE8A18
92976154C59CFC193ACCF5B3 92976154C59CFC193ACCF5B3
x 2, x 2,
y 4018974056590375033354494229370597756357393 y 4018974056590375033354494229370597756357393
89905545080690979365213431566280 89905545080690979365213431566280
-- 8E2A8A0E65147D4BD6316030E16D19C85C97F0A9 -- 8E2A8A0E65147D4BD6316030E16D19C
CA267122B96ABBCEA7E8FC8 -- 85C97F0A9CA267122B96ABBCEA7E8FC8
} }
} }
gostR3410-2001-CryptoPro-A-ParamSet gostR3410-2001-CryptoPro-A-ParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-A-ParamSet, id-GostR3410-2001-CryptoPro-A-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 1157920892373161954235709850086879078532699 a 1157920892373161954235709850086879078532699
84665640564039457584007913129639316, 84665640564039457584007913129639316,
-- -3 == p - 3 -- -3 == p - 3
b 166, b 166,
-- a6 -- a6
p 1157920892373161954235709850086879078532699 p 1157920892373161954235709850086879078532699
84665640564039457584007913129639319, 84665640564039457584007913129639319,
-- ffffffffffffffffffffffffffffffffffffffff -- ffffffffffffffffffffffffffffffff
fffffffffffffffffffffd97 -- fffffffffffffffffffffffffffffd97
q 1157920892373161954235709850086879078530737 q 1157920892373161954235709850086879078530737
62908499243225378155805079068850323, 62908499243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff6c611070 -- ffffffffffffffffffffffffffffffff
995ad10045841b09b761b893 -- 6c611070995ad10045841b09b761b893
x 1, x 1,
y 6403388114292720268364988145043347398593176 y 6403388114292720268364988145043347398593176
0268884941288852745803908878638612 0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b7635294f2d -- 8d91e471e0989cda27df505a453f2b76
df23e3b122acc99c9e9f1e14 -- 35294f2ddf23e3b122acc99c9e9f1e14
} }
} }
gostR3410-2001-CryptoPro-B-ParamSet gostR3410-2001-CryptoPro-B-ParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-B-ParamSet, id-GostR3410-2001-CryptoPro-B-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 5789604461865809771178549250434395392663499 a 5789604461865809771178549250434395392663499
2332820282019728792003956564823190, 2332820282019728792003956564823190,
-- -3 == p - 3 -- -3 == p - 3
b 2809101935305809009699697900030956075912436 b 2809101935305809009699697900030956075912436
8558014865957655842872397301267595, 8558014865957655842872397301267595,
-- 3e1af419a269a5f866a7d3c25c3df80ae9792593 -- 3e1af419a269a5f866a7d3c25c3df80a
73ff2b182f49d4ce7e1bbc8b -- e979259373ff2b182f49d4ce7e1bbc8b
p 5789604461865809771178549250434395392663499 p 5789604461865809771178549250434395392663499
2332820282019728792003956564823193, 2332820282019728792003956564823193,
-- 8000000000000000000000000000000000000000 -- 80000000000000000000000000000000
000000000000000000000c99 -- 00000000000000000000000000000c99
q 5789604461865809771178549250434395392710213 q 5789604461865809771178549250434395392710213
3160255826820068844496087732066703, 3160255826820068844496087732066703,
-- 800000000000000000000000000000015f700cff -- 80000000000000000000000000000001
f1a624e5e497161bcc8a198f -- 5f700cfff1a624e5e497161bcc8a198f
x 1, x 1,
y 2879266581485461129699234745838028413502863 y 2879266581485461129699234745838028413502863
6778229113005756334730996303888124 6778229113005756334730996303888124
-- 3fa8124359f96680b83d1c3eb2c070e5c545c985 -- 3fa8124359f96680b83d1c3eb2c070e5
8d03ecfb744bf8d717717efc -- c545c9858d03ecfb744bf8d717717efc
} }
} }
gostR3410-2001-CryptoPro-C-ParamSet gostR3410-2001-CryptoPro-C-ParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-C-ParamSet, id-GostR3410-2001-CryptoPro-C-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 7039008535208330519954771801901843784107951 a 7039008535208330519954771801901843784107951
6630045180471284346843705633502616, 6630045180471284346843705633502616,
-- -3 == p - 3 -- -3 == p - 3
b 32858, b 32858,
-- 805a -- 805a
p 7039008535208330519954771801901843784107951 p 7039008535208330519954771801901843784107951
6630045180471284346843705633502619, 6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86 -- 9b9f605f5a858107ab1ec85e6b41c8aa
789051d37998f7b9022d759b -- cf846e86789051d37998f7b9022d759b
q 7039008535208330519954771801901843784092088 q 7039008535208330519954771801901843784092088
2647164081035322601458352298396601, 2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351 -- 9b9f605f5a858107ab1ec85e6b41c8aa
1eddfb74f02f3a6598980bb9 -- 582ca3511eddfb74f02f3a6598980bb9
x 0, x 0,
y 2981889391773124073347127324031476992724055 y 2981889391773124073347127324031476992724055
0812383695689146495261604565990247 0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440 -- 41ece55743711a8c3cbf3783cd08c0ee
d4641a8f366e550dfdb3bb67 -- 4d4dc440d4641a8f366e550dfdb3bb67
} }
} }
gostR3410-2001-CryptoPro-ExA-ParamSet gostR3410-2001-CryptoPro-ExA-ParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-XchA-ParamSet, id-GostR3410-2001-CryptoPro-XchA-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 1157920892373161954235709850086879078532699 a 1157920892373161954235709850086879078532699
84665640564039457584007913129639316, 84665640564039457584007913129639316,
-- -3 == p - 3 -- -3 == p - 3
b 166, b 166,
-- a6 -- a6
p 1157920892373161954235709850086879078532699 p 1157920892373161954235709850086879078532699
84665640564039457584007913129639319, 84665640564039457584007913129639319,
-- ffffffffffffffffffffffffffffffffffffffff -- ffffffffffffffffffffffffffffffff
fffffffffffffffffffffd97 -- fffffffffffffffffffffffffffffd97
q 1157920892373161954235709850086879078530737 q 1157920892373161954235709850086879078530737
62908499243225378155805079068850323, 62908499243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff6c611070 -- ffffffffffffffffffffffffffffffff
995ad10045841b09b761b893 -- 6c611070995ad10045841b09b761b893
x 1, x 1,
y 6403388114292720268364988145043347398593176 y 6403388114292720268364988145043347398593176
0268884941288852745803908878638612 0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b7635294f2d -- 8d91e471e0989cda27df505a453f2b76
df23e3b122acc99c9e9f1e14 -- 35294f2ddf23e3b122acc99c9e9f1e14
} }
} }
gostR3410-2001-CryptoPro-ExB-ParamSet gostR3410-2001-CryptoPro-ExB-ParamSet
AlgorithmIdentifier ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-XchB-ParamSet, id-GostR3410-2001-CryptoPro-XchB-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 7039008535208330519954771801901843784107951 a 7039008535208330519954771801901843784107951
6630045180471284346843705633502616, 6630045180471284346843705633502616,
-- -3 == p - 3 -- -3 == p - 3
b 32858, b 32858,
-- 805a -- 805a
p 7039008535208330519954771801901843784107951 p 7039008535208330519954771801901843784107951
6630045180471284346843705633502619, 6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86 -- 9b9f605f5a858107ab1ec85e6b41c8aa
789051d37998f7b9022d759b -- cf846e86789051d37998f7b9022d759b
q 7039008535208330519954771801901843784092088 q 7039008535208330519954771801901843784092088
2647164081035322601458352298396601, 2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351 -- 9b9f605f5a858107ab1ec85e6b41c8aa
1eddfb74f02f3a6598980bb9 -- 582ca3511eddfb74f02f3a6598980bb9
x 0, x 0,
y 2981889391773124073347127324031476992724055 y 2981889391773124073347127324031476992724055
0812383695689146495261604565990247 0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440 -- 41ece55743711a8c3cbf3783cd08c0ee
d4641a8f366e550dfdb3bb67 -- 4d4dc440d4641a8f366e550dfdb3bb67
} }
} }
END -- GostR3410-2001-ParamSetSyntax END -- GostR3410-2001-ParamSetSyntax
11 References 11 References
[GOST28147] "Cryptographic Protection for Data Processing Sys- Normative references:
tem", GOST 28147-89, Gosudarstvennyi Standard of
USSR, Government Committee of the USSR for Standards,
1989. (In Russian);
[GOSTR341094] "Information technology. Cryptographic Data Security. [GOST28147] "Cryptographic Protection for Data Processing System",
Produce and check procedures of Electronic Digital GOST 28147-89, Gosudarstvennyi Standard of USSR, Gov-
Signatures based on Asymmetric Cryptographic Algo- ernment Committee of the USSR for Standards, 1989. (In
rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of Russian);
Russian Federation, Government Committee of the Rus-
sia for Standards, 1994. (In Russian);
[GOSTR34102001] "Information technology. Cryptographic data security. [GOSTR341094] "Information technology. Cryptographic Data Security.
Signature and verification processes of [electronic] Produce and check procedures of Electronic Digital Sig-
digital signature.", GOST R 34.10-2001, Gosudarstven- natures based on Asymmetric Cryptographic Algorithm.",
nyi Standard of Russian Federation, Government Com- GOST R 34.10-94, Gosudarstvennyi Standard of Russian
mittee of the Russia for Standards, 2001. (In Rus- Federation, Government Committee of the Russia for
sian); Standards, 1994. (In Russian);
[GOSTR341194] "Information technology. Cryptographic Data Security. [GOSTR341001] "Information technology. Cryptographic data security.
Hashing function.", GOST R 34.11-94, Gosudarstvennyi Signature and verification processes of [electronic]
Standard of Russian Federation, Government Committee digital signature.", GOST R 34.10-2001, Gosudarstvennyi
of the Russia for Standards, 1994. (In Russian); Standard of Russian Federation, Government Committee of
the Russia for Standards, 2001. (In Russian);
[Schneier95] B. Schneier, Applied cryptography, second edition, [GOSTR341194] "Information technology. Cryptographic Data Security.
John Wiley & Sons, Inc., 1995; Hashing function.", GOST R 34.11-94, Gosudarstvennyi
Standard of Russian Federation, Government Committee of
the Russia for Standards, 1994. (In Russian);
[X.660] ITU-T Recommendation X.660 Information Technology - [RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indi-
ASN.1 encoding rules: Specification of Basic Encoding cateRequirement Levels", BCP 14, RFC 2119, March 1997.
Rules (BER), Canonical Encoding Rules (CER) and Dis-
tinguished Encoding Rules (DER), 1997.
[RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indi- [HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-Hash-
cateRequirement Levels", BCP 14, RFC 2119, March ing for Message Authentication", RFC 2104, February
1997. 1997.
[HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed- Informative references:
Hashing for Message Authentication", RFC 2104 Febru-
ary 1997.
[TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen. [Schneier95] B. Schneier, Applied cryptography, second edition,
January 1999, RFC 2246. John Wiley & Sons, Inc., 1995;
[RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002 [RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002
N1-FZ N1-FZ
[RFLLIC] "Russian Federal Law on Licensing of Selected Activ- [RFLLIC] "Russian Federal Law on Licensing of Selected Activity
ity Categories", 08 Aug 2001 N 128-FZ Categories", 08 Aug 2001 N 128-FZ
[CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of [CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of
Selected Activity Categories in Cryptography Area", Selected Activity Categories in Cryptography Area", 23
23 Sep 2002 N 691 Sep 2002 N 691
[X.660] ITU-T Recommendation X.660 Information Technology -
ASN.1 encoding rules: Specification of Basic Encoding
Rules (BER), Canonical Encoding Rules (CER) and Distin-
guished Encoding Rules (DER), 1997.
[TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen.
January 1999, RFC 2246.
12 Acknowledgments 12 Acknowledgments
This document was created in accordance with "Russian Cryptographic This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas", Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI), CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions. compatibility of the products and solutions.
The authors wish to thank: The authors wish to thank:
skipping to change at page 53, line 40 skipping to change at page 53, line 30
EMail: igus@cryptocom.ru EMail: igus@cryptocom.ru
Anatolij Erkin Anatolij Erkin
SPRCIS (SPbRCZI) SPRCIS (SPbRCZI)
1, Obrucheva, 1, Obrucheva,
St.Petersburg, 195220, Russian Federation St.Petersburg, 195220, Russian Federation
EMail: erkin@nevsky.net EMail: erkin@nevsky.net
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject Copyright (C) The Internet Society (2005).
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Expires January 2006
 End of changes. 135 change blocks. 
374 lines changed or deleted 377 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/