home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Standards
/
CD2.mdf
/
ccitt
/
1992
/
x
/
x32_a.asc
< prev
next >
Wrap
Text File
|
1991-12-31
|
49KB
|
1,279 lines
ANNEX A
(to Recommendation X.32)
Actions taken by the DCE in the roles of questioning
and challenged parties for security grade 1
and security grade 2 identifications
A.1 Introduction
This annex specifies the actions taken by the DCE when it acts as the
questioning and challenged parties for security grade 1 and security grade 2
identifications. When performing the identification procedure described in S
7.1.2, the DCE shall act as described in this annex.
Note - As the identification protocol is symmetrical and should be used by
the DTE in the same manner as the DCE, the actions of the DTE should correspond
directly to the actions defined for the DCE.
The identification protocol is presented as a succession of state diagrams
and corresponding tables.
In this annex, a DIAG element is considered as positive when its parameter
field means identification/authentication confirmed, request for dial-back
confirmed, or dial-back indicator (see S 7.3.3.5). It is considered as negative
in other cases.
A.1.1 Symbol definition of state diagrams
FIGURE T0706570-88
A.1.2 Definition of actions
In each table, the actions taken by the DCE as the questioning party or
the challenged party are indicated in the following way:
NORMAL: Normal event; protocol elements received are handled as
described in S 7.1.2.
DISCARD: Received message is discarded.
RAND: RAND transmitted.
Positive DIAG: Positive DIAG transmitted.
Negative DIAG: Negative DIAG transmitted.
ID [, SIG]: ID [, SIG] transmittted.
SRES: SRES transmitted.
Each entry in the tables in this annex gives, first, the action taken, if
any, then an arrow indicating the transition, and finally, the state that the DCE
as the questioning or challenged party will enter.
A.2 Security grade 1 identification
A.2.1 DCE acting as the questioning party
The DCE acts as the questioning party for security grade 1 when it offers
identified or customized DTE service via the XID or registration DTE
identification method with grade 1 authentication. Four states are defined for
describing the procedures the DCE uses:
a) q11 - Waiting for ID [, SIG] (grade 1)
This is the initial state of the DTE identification process. It is
entered after the switched connection is established and, when the
registration procedure DTE identification method is used, after the
link layer is set up. In this state, the DCE expects to receive the ID
(and possibly SIG) element(s) from the DTE. If the DCE allows retrying
the identification protocol, this state is also entered when a DTE
identification attempt has failed and the limit of retries has not been
exhausted.
b) q12 - Evaluating ID [, SIG] (grade 1)
In this state, the DCE determines whether or not the DTE identity that
was presented in the ID (and possibly SIG) element(s) is acceptable.
The result is the transmission by the DCE to the DTE of the DIAG
element, which has as its value the success or not of the acceptability
evaluation.
c) q13 - DTE identification successful (grade 1)
In this state, the DCE provides the identified or customized DTE
service to the identified DTE. The DCE remains in this state until the
switched connection is disconnected.
d) q14 - DTE identification unsuccessful (grade 1)
In this state, the DCE does not provide the identified or customized
DTE service (unless NUI is used on a per virtual call basis for the
Identified DTE service) but may provide the Nonidentified DTE service
Fascicle VIII.2 - Rec. X.32 PAGE1
if it is supported. The DCE enters this state when the last DTE
identification attempt allowed by the retry limit has failed. The DCE
remains in this state until the switched connection is disconnected.
Figure A-1/X.32 provides the state diagram for the DCE acting as the
questioning party in the case of security grade 1 identification.
The actions to be taken by the DCE acting as the questioning party for
security grade 1 identification, when one of the listed events occurs, are
indicated in Table A-1/X.32.
FIGURE A-1/X.32 T0706580-88
PAGE1 Fascicle VIII.2 - Rec. X.32
TABLE A-1/X.32
Actions taken by the DCE as the questioning party (security grade 1)
State of the DCE acting q11 q12 q13 q14 DTE
as the questioning party Waiting for Evaluating Identification identification
Protocol element received ID [, SIG] ID [, SIG] successful unsuccessful
by the DCE or decision by (grade 1) (grade 1) (grade 1) (grade 1) (see
the DCE Note 1)
ID [, SIG] NORMAL ->q12 DISCARD ->q12 DISCARD ->q13 DISCARD ->q14
DCE checking of the ID [, Positive DIAG ///////////////
SIG] is complete /////////////// ->q13 or /////////////// /
/ negative DIAG / ///////////////
/////////////// ->q14 or ->q11 /////////////// /
/ (see Note 2) / ///////////////
/////////////// /////////////// /
/ / ///////////////
/////////////// /////////////// /
/ / ///////////////
/////////////// /////////////// /
/ / ///////////////
/////////////// /////////////// /
/ /
Note 1 - When in this state, the DCE should disconnect the switched access path when it
is sure that the DIAG element has been received by the challenged party or the challenged
party is out-of-order.
Note 2 - Depending on whether or not ID and/or SIG are recognized as correct by the DCE.
When negative DIAG, go to q11 until the retry limit has been reached.
A.2.2 DCE acting as the challenged party
The DCE acts as the challenged party for security grade 1 when it
identifies itself to the DTE via the XID or registration DCE identification
method with grade 1 authentication. Four states are defined for describing the
procedures the DCE uses:
a) c11 - Initial challenged (grade 1)
This is the initial state of the DCE identification process. It is
entered after the switched connection is established, and, when the
registration procedure DCE identification method is used, after the
link layer is set up. In this state, the DCE transmits the ID (and
possibly SIG) element(s) to the DTE.
b) c12 - Waiting for DIAG (grade 1)
In this state, the DCE expects to receive the DIAG element which has as
its value the acceptability or not of the DCE identity.
c) c13 - DCE Identification successful (grade 1)
In this state, the DCE has completed its identification successfully.
The DCE remains in this state until the switched connection is
disconnected.
d) c14 - DCE Identification unsuccessful (grade 1)
The DCE enters this state when the DCE identification attempt has
failed. The DCE remains in this state until the switched connection is
disconnected.
Figure A-2/X.32 provides the state diagram for the DCE acting as the
challenged party in the case of security grade 1 identification.
The actions to be taken by the DCE as the challenged party for security
grade 1 identification, when one of the listed events occurs, are indicated in
Table A-2/X.32.
FIGURE A-2/X.32 T0706590-88
Fascicle VIII.2 - Rec. X.32 PAGE1
TABLE A-2/X.32
Actions taken by the DCE as the challenged party (security grade 1)
State of the DCE acting c11 c12 c13 c14
as the challenged party Initial Waiting for Identification identification
challenged DIAG
Protocol element received (grade 1) (grade 1) successful unsuccessful
by the DCE or decision by (grade 1) (grade 1) (see
the DCE Note 1)
DCE decides it wants to be ID [, SIG] - /////////////////////////////////////////////
identified >c12 / / /
/////////////////////////////////////////////
/ / /
Positive DIAG NORMAL ->c13 NORMAL ->c13 DISCARD ->q13 DISCARD ->q14
or c14
(see Note 2)
Negative DIAG NORMAL ->c14 NORMAL ->c14 DISCARD ->q13 DISCARD ->q14
Note 1 - In this state, the DCE shall disconnect the switched access path.
Note 2 - c13 or c14 depending on whether or not the DCE wants to be identified.
PAGE1 Fascicle VIII.2 - Rec. X.32
A.3 Security grade 2 identification
A.3.1 DCE acting as the questioning party
The DCE acts as the questioning party for security grade 2 when it offers
identified or customized DTE service via the XID or registration DTE
identification method with grade 2 authentication. Six states are defined for
describing the procedures the DCE uses:
a) q21 - Waiting for ID [, SIG] (grade 2)
This is the initial state of the DTE identification process. It is
entered after the switched connection is established and, when the
registration procedure DTE identification method is used, after the
link layer is set up. In this state, the DCE expects to receive the ID
(and possibly SIG) element(s) from the DTE.
b) q22 - Evaluating ID [, SIG] (grade 2)
In this state, the DCE begins determining whether or not the DTE
identity that was presented in the ID (and possibly SIG) element(s) is
acceptable. If the DTE identity is acceptable or the acceptability is
not fully determined in this state, the DCE generates the value for the
RAND element and transmits it to the DTE. If the DTE identity is
unacceptable, the DCE transmits to the DTE the DIAG element with a
negative value.
c) q23 - Waiting for SRES
In this state, the DCE expects to receive the SRES element from the
DTE. The DCE may continue to evaluate the ID (and possibly SIG)
element(s) and, if the DTE identity is unacceptable, the DCE transmits
to the DTE the DIAG element with a negative value.
d) q24 - Evaluating SRES
In this state, the DCE determines if the value presented in the SRES
element is correct for the DTE identity. If the evaluation of the ID [,
SIG] element(s) has not already been completed, it is completed in this
state. The results of the SRES check (and the last of the ID [, SIG]
check) is transmitted by the DCE to the DTE as the value of the DIAG
element.
e) q25 - DTE identification successful (grade 2)
In this state, the DCE provides the identified or customized DTE
service to the identified DTE. The DCE remains in this state until the
switched connection is disconnected.
f) q26 - DTE identification unsuccessful (grade 2)
In this state, the DCE does not provide the identified or customized
DTE service (unless NUI is used on a per virtual call basis for the
identified DTE service) but may provide the nonidentified DTE service
if it is supported. The DCE remains in this state until the switched
connection is disconnected.
Figure A-3/X.32 provides a state diagram for the DCE acting as the
questioning party in case of security grade 2 identification.
The actions to be taken by the DCE as the questioning party for security
grade 2 identification, when one of the listed events occurs, are indicated in
Table A-3/X.32.
A.3.2 DCE acting as the challenged party
The DCE acts as the challenged party for security grade 2 when it
identifies itself to the DTE via the XID or registration DCE identification
method with grade 2 authentication. Six states are defined for describing the
procedures the DCE uses:
a) c21 - Initial challenged (grade 2)
This is the initial state of the DCE identification process. It is
entered after the switched connection is established, and, when the
registration procedure DCE identification method is used, after the
link layer is set up. In this state, the DCE transmits the ID (and
possibly SIG) element(s) to the DTE.
b) c22 - Waiting for RAND
In this state, the DCE expects to receive the RAND element. If the ID
(and possible SIG) are not acceptable to the DTE, the DCE may receive
the DIAG element with a negative value.
c) c23 - Calculating SRES
Using the value of the RAND element, the DCE calculates the value for
the SRES element and transmits it to the DTE. If the DTE has continued
Fascicle VIII.2 - Rec. X.32 PAGE1
to evaluate the ID (and possibly SIG) and determined that it is not
acceptable, the DCE may receive the DIAG element with a negative value.
d) c24 - Waiting for DIAG (grade 2)
In this state, the DCE expects to receive the DIAG element which has as
its value the acceptability or not of the DCE identity and SRES value.
e) c25 - DCE identification successful (grade 2)
In this state, the DCE has completed its identification successfully.
The DCE remains in this state until the switched connection is
disconnected.
f) c26 - DCE identification unsuccessful (grade 2)
The DCE enters this state when the DCE identification attempt has
failed. The DCE remains in this state until the switched connection is
disconnected.
FIGURE A-3/X.32 T0706600-88
PAGE1 Fascicle VIII.2 - Rec. X.32
TABLE A-3/X.32
Actions taken by the DCE as the questioning party (security grade 2)
State of the
DCE acting as the q21 q22 q23
questioning party Waiting Evaluating Waiting q24 q25 q26
forID [, ID [, SIG] for SRES Evaluating DTE DTE
SIG] (grade 2) SRES identificaidentifica
(grade 2) tion tion
Protocol element received successful unsuccessf
by the DCE or decision by (grade 2) ul (grade
the DCE 2) (see
Note 1)
ID [, SIG] NORMAL - DISCARD - DISCARD - DISCARD - DISCARD - DISCARD -
>q22 >q22 >q23 >q24 >q25 >q26
At least initial DCE RAND - //////////
checking of the ID [, SIG] ////////// >q23 or ////////////////////////////// ///
is complete /// Negative /// /// /// //////////
//////////DIAG ->q26 ////////////////////////////// ///
/// (see Note /// /// /// //////////
////////// 2) ////////////////////////////// ///
/// /// /// /// //////////
////////// ////////////////////////////// ///
/// /// /// /// //////////
////////// ////////////////////////////// ///
/// /// /// /// //////////
////////// ////////////////////////////// ///
/// /// /// ///
Further DCE checking (if NORMAL -
any) of the ID [, SIG] is ////////////////////
complete /// ///
////////////////////
/// ///
////////////////////
/// ///
////////////////////
/// ///
////////////////////
/// ///
////////////////////
/// ///
Fascicle VIII.2 - Rec. X.32 PAGE1
>q23 or //////////////////////////////
Negative /// /// ///
DIAG - //////////////////////////////
>q26 (see /// /// ///
Note 3) //////////////////////////////
/// /// ///
//////////////////////////////
/// /// ///
//////////////////////////////
/// /// ///
//////////////////////////////
/// /// ///
SRES Negative Negative NORMAL - DISCARD - DISCARD - DISCARD -
DIAG->q26 DIAG->q26 >q24 >q24 >q25 >q26
DCE checking of the SRES Positive
is complete ////////////////////////////// DIAG - ////////////////////
/// /// /// >q25 or /// ///
////////////////////////////// Negative ////////////////////
/// /// /// DIAG - /// ///
//////////////////////////////>q26 (see ////////////////////
/// /// /// Note 4) /// ///
////////////////////////////// ////////////////////
/// /// /// /// ///
////////////////////////////// ////////////////////
/// /// /// /// ///
////////////////////////////// ////////////////////
/// /// /// /// ///
Note 1 - When in this state, the DCE should disconnect the switched access path when it
is sure that the DIAG element has been received by the challenged party, or the challenged
party is out-of-order.
Note 2 - As negative DIAG is sent if the DCE has detected ID [, SIG] as incorrect. RAND is
sent if the DCE has detected ID [, SIG] as correct or if it has not yet checked ID [,
SIG].
Note 3 - After having transmitted RAND, if the DCE detects that the ID [, SIG] received
when in state q21 was incorrect, it transmits a negative DIAG and goes into state q26.
Otherwise, the DCE continues with the normal process of waiting to receive the SRES
element.
Note 4 - q25 ou q26 depending on whether or not the SRES is recognized as correct by the
DCE.
PAGE1 Fascicle VIII.2 - Rec. X.32
Figure A-4/X.32 provides a state diagram for the DCE acting as the
challenging party in case of security grade 2 identification.
The actions to be taken by the DCE for security grade 2 identification,
when one of the listed events occurs, are indicated in Table A-4/X.32.
FIGURE A-4/X.32 T-0706610-88
Fascicle VIII.2 - Rec. X.32 PAGE1
TABLE A-4/X.32
Actions taken by the DCE as the challenged party (security grade 2)
State of the
DCE acting as the c21 c24
challenged party Initial c22 c23 Waiting c25 c26
challenged Waiting Calculatin for DIAG DCE DCE
(grade 2) for RAND g SRES (grade 2) identificaidentifica
tion tion
Protocol element received successful unsuccessf
by the DCE or decision by (grade 2) ul (grade
the DCE 2) (see
Note 1)
DCE decides it wants to ID [,
be identified SIG] ->c22//////////////////////////////////////////////////
/// /// /// /// ///
//////////////////////////////////////////////////
/// /// /// /// ///
RAND DISCARD - NORMAL - DISCARD - DISCARD - DISCARD - DISCARD -
>c26 >c23 >c23 >c24 >c25 >c26
DCE calculation of SRES ////////// SRES -
from RAND is complete ////////// ///
/// //////////
////////// ///
/// //////////
////////// ///
///
PAGE1 Fascicle VIII.2 - Rec. X.32
>c24 //////////////////////////////
/// /// ///
//////////////////////////////
/// /// ///
//////////////////////////////
/// /// ///
Positive DIAG DISCARD NORMAL DISCARD NORMAL DISCARD DISCARD
->c26 ->c25 or ->c26 ->c25 ->c25 ->c26
c26 (see
Note 2)
Negative DIAG DISCARD NORMAL NORMAL NORMAL DISCARD DISCARD
->c26 ->c26 ->c26 ->c26 ->c25 ->c26
Note 1 - In this state, the DCE shall disconnect the switched access path.
Note 2 - c25 or c26 depending on whether or not the DCE wants to be identified.
ANNEX B
(to Recommendation X.32)
Abbreviations
ADM Asynchronous disconnected mode
AVAIL-BAS Available on all networks
AVAIL-NS Available and selected by the network
AVAIL-OPT Available on some networks
AVAIL-RQ Available on some networks and must be requested
BA Class of HDLC
CSPDN Circuit switched public data network
CUSTOM Customized
DCE Data circuit-terminating equipment
DIAG Diagnostic element
DISC Disconnect
DM Disconnected mode
DNIC Data network identification code
DSE Data switching equipment
DTE Data terminal equipment
FI Format identifier
HDLC High-level data link control
HDTM Half-duplex transmission module
ID Identity element
ISDN Integrated services digital network
ISO International organization for standardization
k Number of outstanding I frames
LAPB Link access procedure B
LAPX Link access procedure - Half-duplex
MT... Parameter...
N... Parameter...
ND Network default
NN National number
NTN Network terminal number
NUI Network user identification
PDN Public data network
PSN Public switched network
PSPDN Packet switched public data network
PSTN Public switched telephone network
RAND Random number element
REJ Reject
RPOA Recognized private operating agency
RR Receive ready
RSA Rivest, Shamir, Adleman algorithm
SABM Set asynchronous balanced mode
SABME Set asynchronous balanced mode extended
SIG Signature element
SRES Signed response element
TCC Telephone country code
T... Timer...
UA Unnumbered acknowledge
UTC Coordinated universal time
XC Counter...e
Fascicle VIII.2 - Rec. X.32 PAGE1
XID Exchange identification (Unnumbered Format)
XT... Timer...
APPENDIX I
(to Recommendation X.32)
Implementation of LAPX
I.1 Introduction
Considerations are given here for defining the signals needed between the
HDTM and the LAPB and physical layer modules in implementing LAPX.
I.2 Control and status functions
The following logical functions describe interactions between LAPB and the
HDTM:
- control [TERM]
LAPB has entered the disconnected phase.
- control [CONCLUDE]
LAPB has finished transmitting one or more frames.
- status [OP-T]
Enable LAPB to send frames.
- status [INOP-T]
Inhibit LAPB from sending frames.
If the idle channel state condition detection mechanism of LAPB is not
disabled, then the HDTM needs to protect LAPB from the use of idle channel state
condition in turning around the line. This protection is done by having the HDTM
present constant flags to LAPB except in the Half-duplex receiving state (state
3). It may be desirable to define additional logical functions in doing this.
The following logical functions describe interactions between the HDTM and
the physical layer:
- control [SEIZE]
The HDTM has stopped waiting for data to be received and is waiting to
transmit data.
- control [RELEASE]
The HDTM has stopped sending data and is requesting the physical layer
to release the right to transmit.
- control [DISCON]
The HDTM is requesting the physical layer to disconnect the physical
connection because LAPB is disconnected.
- status [CALLING]
The physical connection originated by this DTE/DCE is established.
- status [CALLED]
The physical connection originated by the other DTE/DCE is established.
- status [UNCON]
There is no physical connection.
- status [XMT]
The physical connection is able to transmit data.
- status [REMOTE]
This is an optional function used if the physical layer, instead of the
HDTM, detects the indication that the remote DTE/DCE accepts the right
to transmit (remote is in the Half-duplex sending state).
- status [LOCAL]
This is an optional function used if the physical layer, instead of the
HDTM, detects the request for change in the direction of transmission
that gives the local DTE/DCE the right to transmit (remote is in the
Wait or receiving state).
The forms of these interactions are not defined. However, an example of
the HDTM physical layer interactions is given in SS 5.6.7 and 5.6.8.
I.3 Table of transitions between states
PAGE1 Fascicle VIII.2 - Rec. X.32
Table I-1/X.32 shows the events that cause a state transition and the
resulting action(s). This provides a generalized description of operation of the
HDTM.
TABLE I-1/X.32
Description of state transitions
Present state Transition name New state
Event Action
0 Initialize calling DTE/DCE 4
Idle state Calling DTE/DCE: data Do function control Wait for sending
circuit established [SEIZE] state
(e.g. data set ready,
ready for data) (i.e.
status [CALLING])
0 Initialize called DTE/DCE 2
Idle state Called DTE/DCE: data Start timer XT1 Wait for receiving
circuit established state
(e.g. data set ready,
ready for data) (i.e.
status [CALLED])
1 Send right to transmit 2
Half-duplex Conclusion of Send request that Wait for receiving
sending state transmission (i.e. remote DTE/DCE enter state
control [CONCLUDE]) the half-duplex
sending state (see
Note 1). Start timer
TX1. Do function
status [INOP-T] (see
Note 2). Do function
control [RELEASE]
1 Disconnect sending DTE/DCE 0
Fascicle VIII.2 - Rec. X.32 PAGE1
Half-duplex LAPB has entered a Do function control Idle state
sending state disconnected phase [DISCON]
(i.e. control [TERM])
(see Note 3)
2 Receive confirmation 3
Wait for receiving Reception of Stop timer XT1 Half-duplex
state indication that the receiving state
remote DTC/DCE has
entered the
half-duplex sending
state (see Note 4)
(i.e. status
[REMOTE])
2 Seize right to transmit 4
Wait for receiving Expiry of timer XT1 Do function control Wait for sending
state or has frame to send [SEIZE] state
(i.e. a LAPB/HDTM
transmit data
function) (see Note
5)
PAGE1 Fascicle VIII.2 - Rec. X.32
TABLE I-1/X.32 (continued)
Description of state transitions
Present state Transition name New state
Event Action
3 Initialize calling DTE/DCE 4
Half-duplex Reception of Do function control Wait for sending
receiving state notification that the [SEIZE] state
remote DTE/DCE is
requesting a change
in the direction of
transmission (i.e.
status [LOCAL]) (see
Note 6)
3 Receive right to transmit 2
Half-duplex Reception of Start timer XT1 Wait for receiving
receiving state notification that the state
remote DTE/DCE is re-
questing a change in
the direc-tion of
transmission (i.e.
status [LOCAL]) (see
Note 6)
3 Disconnect receiving DTE/DCE 0
Half-duplex LAPB has entered a Do function control Idle state
sending state disconnected phase [DISCON]
(i.e. control [TERM])
(see Note 3)
4 Send confirmation 1
Half-duplex
Fascicle VIII.2 - Rec. X.32 PAGE1
sending state Indication of Send indication to Half-duplex sending
availability of the the remote DTE/DCE state
physical layer for that the half-duplex
trans-mission (i.e. sending state has
status [XMT]) been entered. Do
function status
[OP-T] (see Note 7)
Any Reset from any state 0
Physical layer has Do function status Idle state
no circuit to a [INOP-T]
remote DTE/DCE (i.e.
status [UNCON])
Note 1 - HDTM uses the idle data link channel state indication (at least 15 continuous
1's) for requesting that the remote DTE enter the half-duplex sending state.
Note 2 - Status [INOP-T] indicates to LAPB that the sending of frames is inhibited.
Note 3 - Control [TERM] indicates that LAPB has entered the disconnected phase (equivalent
to ADM of HDLC).
Note 4 - Reception of a flag or detection of carrier ON (circuit109 = 1) is this
indication.
Note 5 - One timer XT1 expiration must occur before a frame may be sent.
Note 6 - HDTM uses the idle data link channel state indication (at least 15 continuous
1's) or detection of carrier OFF (CIRCUIT 109 = 0) for detecting that the remote DTE is
requesting a change in the direction of transmission.
Note 7 - Status [OP-T] indicates to LAPB that the sending of frame is enabled.
PAGE1 Fascicle VIII.2 - Rec. X.32
I.4 HDTM/physical layer control and status functions expressed in terms
applicable to a modem interface
Continuing the example of S 5.6.7, the HDTM/physical layer logical
functions may be described as shown below as they apply to the use of the HDTM
with a V-series modem interface:
- control [SEIZE]
Request turning circuit 105 ON and, if necessary, releasing circuit 103
from binary 1 condition.
- control [RELEASE]
Request holding circuit 103 in the binary 1 condition and turning
circuit 105 OFF.
- control [DISCON]
Request turning circuit 107 OFF and, if necessary, turning circuit 105
OFF.
- status [CALLING]
As the calling DTE/DCE, report circuit 107 ON.
- status [CALLED]
As the called DTE/DCE, report circuit 107 ON.
- status [UNCON]
Report circuit 107 OFF.
- status [XMT]
Report circuit 106 ON.
- status [REMOTE]
Report carrier ON.
- status [LOCAL]
Report carrier OFF.
APPENDIX II
(to Recommendation X.32)
RSA public key algorithm
The Rivest, Shamir, Adleman (RSA) algorithm defines a public key
cryptography system. Each subscriber to an RSA cryptosystem generates a public
modulo key (n), a public exponential key (e), and a secret exponential key (d)
which conform to certain consistency rules to be subsequently described. The
subscriber can publish and disclose its public keys (n, e) but it will never
reveal its secret exponential key (d). The exchange of information via the RSA
algorithm involves the successive transformations and decryption. The form of
encryption and decryption transformations are mathematically identical but differ
only in the values of the exponential keys used. Each RSA transformation is of
the form:
X` = Xk (modulo n)
where
X is the integer to be transformed
X` is the transformed integer
n is the public modulo key
k is the exponential key which is either the public exponential key e, or
the secret exponential key d.
The RSA keys for a subscriber are generated subject to the following two
constraints:
n = p . q (p and q are large prime numbers)
(d . e) modulo [(p - 1) . (q - 1)] = 1
The encryption operation can use either e or d as the exponential key.
However, the decryption operation must use the exponential key (d or e) that was
not used in the encryption process. Both processes must use the same modulo key,
n.
As applied to the security grade 2 identification process described in S
7.1.2, the challenged party will generate SRES by encrypting RAND using its
secret exponential key, d, so that the questioning party can decrypt SRES using
the public keys of the challenged party (e and n).
APPENDIX III
(to Recommendation X.32)
Relationship of timer T14 to the different
methods of DTE identification
Figure III-1/X.32 illustrates the points in the general sequence of events
defined in this Recommendation at which timer T14 is started or stopped.
FIGURE III-1/X.32 T0706620-88
Fascicle VIII.2 - Rec. X.32 PAGE1
PAGE1 Fascicle VIII.2 - Rec. X.32
