ISO 24485:2022
ISO 24485:2022 Information security, cybersecurity and privacy protection – Security techniques – Security properties and best practices for test and evaluation of white box cryptography
CDN $115.00
Description
This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted.
The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases, security functions are implemented to deter an attacker from uncovering the key or secret.
Security properties consist in the secrecy of security parameters concealed within the implementation of the white box cryptography. Best practices for the test and evaluation includes mathematical and practical analyses, static and dynamic analyses, non-invasive and invasive analyses.
This document is related to ISO/IEC 19790 which specifies security requirements for cryptographic modules. In those modules, critical security parameters (CSPs) and public security parameters (PSPs) are the assets to protect. WBC is one solution to conceal CSPs inside of the implementation.
Edition
1
Published Date
2022-10-20
Status
PUBLISHED
Pages
12
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted.
The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases, security functions are implemented to deter an attacker from uncovering the key or secret.
Security properties consist in the secrecy of security parameters concealed within the implementation of the white box cryptography. Best practices for the test and evaluation includes mathematical and practical analyses, static and dynamic analyses, non-invasive and invasive analyses.
This document is related to ISO/IEC 19790 which specifies security requirements for cryptographic modules. In those modules, critical security parameters (CSPs) and public security parameters (PSPs) are the assets to protect. WBC is one solution to conceal CSPs inside of the implementation.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 27402:2023 Cybersecurity – IoT security and privacy – Device baseline requirements
CDN $173.00 Add to cart -
ISO 27554:2024 Information security, cybersecurity and privacy protection – Application of ISO 31000 for assessment of identity-related risk
CDN $173.00 Add to cart -
ISO 20243:2023 Information technology – Open Trusted Technology ProviderTM Standard (O-TTPS) – Part 2: Assessment procedures for the O-TTPS
CDN $312.00 Add to cart -
ISO 27562:2024 Information technology – Security techniques – Privacy guidelines for fintech services
CDN $273.00 Add to cart
