R. Housley, Cryptographic Message Syntax, Request for Comments 2630, June 1999.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....21:26:46 UTC TSA Name: C=U;O=WetStone;OU=Datum Trusted Time StampServer SN:90D00248;CN=Paul319 Digital Signature Figure 1. Hex Dump of a Sample Timestamp The TimeStampToken is a reasonably straightforward ASN.1 data type that is encapsulated into a SignedData type as defined by R. Housley. [3] The hex dump above shows a complete time stamp and then points out a few of the interesting fields. Once time can be bound to digital information, the next question to ask is, How can you prove the time of the time stamp was valid when the time stamp was created The question really is do ....

....Time Module (STM) Figure 2. The Secure Time Module In order to issue timestamps, an STM must have two certificates: an identity certificate and a Time Attribute Certificate (TAC) Time stamps that are issued by the STM are based on the RFC 3161 specification and are subsequently a SignedData [3] data type. It is required that the time stamps issued by the STM specify the TAC under which they are operating. Since the time stamp is a SignedData [3] data type and the TAC is a standard X.509 Attribute Certificate, the TAC can be included in the stamp in accordance with standard practice ....

[Article contains additional citation context not shown here]

R. Housley, "Cryptographic Message Syntax", RFC 2630, June 1999.

....document hash is joint to the current date and forms a time stamp information structure (TSTInfo) Then, the resulting structure is encapsulated in a cryptographic message which is signed by the TSA. Hence, time stamp s security is not part of TSP but is delegated to Cryptographic Message Syntax [CMS99]. TSP lies above CMS. Figure 2 gives an overview of what each document explains. A time stamp response is secured through the following steps (please refer to figure 3) 1. First, a status is included to the time stamp response. It briefly describes the status of the time stamping process. If no ....

....Signatures, and is compatible with XML Advanced Signatures. 4 XML Schemas for time stamping Our time stamping protocol is directly inspired by [TSP01] and, likewise, the transport means are left aside, the securisation of the data being realised thanks to XML Signatures [DSIG02] as it was by CMS [CMS99] for the original protocol. Hence, the protocol is basically defined by the structure of the request sent by a client to the TSA and the response of the TSA to the client which includes the time stamp information. These structures are defined using XML schemas, which provides great readability of ....

[Article contains additional citation context not shown here]

R. Housley, Cryptographic Message Syntax, Network Working Group, RFC 2630, June 1999.

....have demonstrated the effectiveness in achieving scalable confidentiality, integrity, authentication and non repudiation services. Even though there have been defined so far general standards for defining rich formats of a digital signature applied on data objects, like PKCS#7 [PKCS7] or CMS [Hou99a], there still exist the need for a standard entirely defining the format of the data that is to be signed, the format of the signature and the format of the electronic documents. Only the existence of a widely accepted standard for the format of electronic signature that could remain valid over ....

....mail security S MIME [Ram99] the Secure Electronic Specification Transaction (SET) specifications for credit card payments or the PKCS#12 standard [PKCS12] for secure transport of private key and certificate. The evolution of this standard is the Cryptographic Message Syntax (CMS) standard [Hou99a] proposed by the SMIME working group of IETF to digitally sign, digest, authenticate, or encrypt arbitrary messages. Basically PKCS#7 CMS introduces various formats useful when there is the need to add cryptographic enhancements to data like digital signatures or encryption. The syntax allows ....

[Article contains additional citation context not shown here]

R. Housley, "Cryptographic Message Syntax", RFC-2630, 1999

....2. 1 E mail Encryption Protocols The attack outlined herein is applicable to many di#erent e mail encryption protocols [17, 18] In this paper, we explicitly consider attacks on OpenPGP [5, 7, 19] the attack is also applicable to previous versions of PGP) S MIME [16] building upon CMS [10] and or PKCS#7 [11] PEM [14] and MOSS [6] We refer the reader to the listed references for an in depth description of these protocols; in this paper, we merely provide a high level description necessary for a proper understanding of the attack. Specifically, the attack exploits the ....

....of any particular attack depends on the specifics of the decryption oracle access assumed available (which depends upon the behavior of the recipient of the original message; see below) This type of attack is not limited to protocols using CFB mode. CBC mode, used by PEM [14] and CMS [10] is also vulnerable to a chosen ciphertext attack, as are all other popular modes of encryption [18] including ECB, OFB, PCBC, and counter mode) Note further that CBC and CFB modes are local modes of encryption, in the sense that the i th through the j th blocks of the plaintext are ....

R. Housley, "Cryptographic Message Syntax," RFC 2630, Jun 1999.

....for a low level mechanism like IPSEC [12] but for uservisible applications like secure e mail, programmers need turnkey cryptography, not only cryptographic toolkits. Thus, naive Sign Encrypt has come to characterize file handling and e mail security applications. PKCS#7 [23] CMS 3 [9], S MIME [20] and PGP 4 [29] all suffer from this defect. Further, the W3C s 5 XML Signature XML Encryption Working Groups have explicitly set themselves the task 3 Cryptographic Message Syntax. 4 Pretty Good Privacy 5 The World Wide Web Consortium, see http: w3.org . of supplying ....

R. Housley, Internet RFC 2630 "Cryptographic Message Syntax," June 1999. ftp://ftp.isi.edu/in-notes/rfc2630.txt

....Hash Algorithms Implementations MUST implement SHA 1. Implementations SHOULD implement MD5. 4. SIP Security with S MIME Support for the use of the S MIME message format is OPTIONAL in this specification. The Cryptographic Message Syntax (CMS) is derived from PKCS#7 [14] and is fully defined in [15]. This syntax is used here to digitally sign or encrypt SIP messages and describes an encapsulation syntax for data protection. The CMS values are generated using ASN.1 [12] using BER encoding [13] and values are generally represented as octet strings. CMS associates a protection content type with ....

....with a protection content and has ASN.1 type ContentInfo: ContentInfo : SEQUENCE ContentType ContentType, Content[0] EXPLICIT ANY DEFINED BY contentType ContentType : OBJECT IDENTIFIER ContentType indicates the type of protection content and is an Object Identifier. Six are defined in [15] but only Data, SignedData and EnvelopedData are of relevance to this document. Content is the actual protected content. Sending agents MUST use the data content type as the content within other content types to indicate the message content which has had security services applied to it. In ....

[Article contains additional citation context not shown here]

R. Housley "Cryptographic Message Syntax" Internet Draft: draft-ietf-smime-cms-03.txt, Jan 1998

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 3269, August 2002.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley, Cryptographic Message Syntax, Request for Comments 2630, June 1999.

No context found.

R. Housley, Cryptographic Message Syntax, Request for Comments 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley, \Cryptographic Message Syntax," RFC 2630, Jun 1999.

No context found.

Housley, R.: Cryptographic Message Syntax (CMS). Available at http://www.ietf.org/rfc/rfc2630.txt (1999)

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley. Cryptographic Message Syntax, RFC 3369. IETF, August 2002.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley, "Cryptographic Message Syntax," Internet Engineering Task Force, RFC 2630, June 1999.

No context found.

R. Housley. Cryptographic Message Syntax, RFC 3369. IETF, August 2002.

No context found.

R. Housley. Cryptographic Message Syntax. Available at http://www.ietf.org/html.charters/ smime-charter.html, April 2002, work in progress.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley (1999), Cryptographic Message Syntax (CMS), available at http://www.ietf.org/rfc/rfc2630.txt

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley, "Cryptographic Message Syntax", RFC 2630, June 1999.

No context found.

R. Housley. "Cryptographic Message Syntax". Request For Comments 2630. Internet Engineering Task Force, June 1999. 107

No context found.

Housley, R., "Cryptographic message syntax", RFC 2630, June 1999.

No context found.

Housley, R.: Cryptographic Message Syntax. The IETF, RFC 2630, June 1999.

No context found.

Housley, R. Cryptographic Message Syntax. RFC 2630, June 1999.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC