Use of the SM2 and SM3 Algorithms in Handle System
draft-chen-sm2-sm3-algorithms-00
Network Working Group Y. Chen
Internet Draft J. Wang
Intended status: Informational B. Zhang
Expires: May 2021 Z. Fan
X. Ma
Z. Li
J. Xie
November 30, 2020
China Academy of Information and Communications Technology
Use of the SM2 and SM3 Algorithms in Handle System
draft-chen-sm2-sm3-algorithms-00
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. This memo provides information for
the Internet community. It does not specify an Internet standard of
any kind. Distribution of this memo is unlimited.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on May 30, 2021.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document.
Chen, et al. Expires May 30, 2021 [Page 1]
Internet-Draft SM2 and SM3 Algorithm in Handle System November 2020
Abstract
The Handle System is a global name service that allows secured handle
resolution and administration over the public Internet according to
[1][5][3]. Handle System protocol [3] is designed to be transmitted
as a byte stream via a TCP connection. In this document, SM2 and SM3
algorithms [4][5]are introduced into the handle system to enhance the
security and compactivity. Trusted resolution and message credential
are extended to support SM2 and SM3 algorithms.
Table of Contents
1. Introduction...................................................2
2. SM2 and SM3 Algorithms Overview................................2
2.1. SM2 Algorithm.............................................3
2.2. SM3 Algorithm.............................................3
3. Trusted Resolution with SM2 and SM3 Algorithms.................3
3.1. HS_CERT Extension.........................................3
3.1.1. Header using SM2 and SM3.............................4
3.1.2. Payload using SM2 and SM3............................4
3.1.3. Signatrue of the Header and Payload..................5
3.2. HS_SIGNATRUE Extension....................................5
3.2.1. Header using SM2 and SM3.............................6
3.2.2. Payload using SM2 and SM3............................6
3.2.3. Signatrue of the Header and Payload..................8
4. Message Credential with SM2 and SM3 Algorithms.................8
4.1. Message Credential........................................8
4.2. Data Signing with SM2 Algorithm...........................8
4.3. SM3 Digest Algorithm in Message Credential................9
5. Security Considerations........................................9
6. IANA Considerations............................................9
7. References.....................................................9
7.1. Normative References......................................9
8. Acknowledgments...............................................10
1. Introduction
RFC 3650-RFC 3652[1],[5][3] provide an open protocol, a general-
purpose global name service, and a reference implementation of the
protocol. RSA and DSA algorithms are commonly used when generating
data signatures. With the development of cryptography and computer
technology, the currently commonly used 1024-bit RSA algorithm faces
security threats. In order to enhance data integrity protection based
Show full document text