What is ISO/IEC 11770-5 about?
ISO/IEC 11770-5 specifies mechanisms to establish shared symmetric keys between groups of entities. It defines:
- Symmetric key-based key establishment mechanisms for multiple entities with a key distribution centre (KDC);
- Symmetric key establishment mechanisms based on a general tree-based logical key structure with both individual rekeying and batch rekeying; and
- Key establishment mechanisms based on a key chain with group forward secrecy, group backward secrecy or both group forward and backward secrecy.
ISO/IEC 11770-5 describes the required content of messages which carry keying material or are necessary to set up the conditions under which the keying material can be established.
Note: ISO/IEC 11770-5 does not specify the following:
- Information that has no relation to key establishment mechanisms, or other messages such as error messages. The explicit format of messages is not within the scope of ISO/IEC 11770-5.
- The means to be used to establish the initial secret keys required to be shared between each entity and the KDC, or key lifecycle management.
- Interdomain key management, which ISO/IEC 11770-5 does not explicitly address.
Who is ISO/IEC 11770-5 for?
ISO/IEC 11770-5 on Information security is applicable to:
- Information technology companies
- IT risk and IT security managers
- Cyber security cells
- Financial companies
- Computer hardware companies
- Software companies
Why should you use ISO/IEC 11770-5?
The administration of cryptographic keys within a cryptosystem is referred to as key management. It is concerned with the generation, exchange, storage, usage, and replacement of keys at the user level.
ISO/IEC 11770-5 helps you share a secret key within a defined group of entities using multicast communication. The tree-based key mechanism allows one group member to send an encrypted message to another group member such that only another group member can decrypt that message. The logical key structure is used to distribute the secret key from the key distribution centre to the active entities in the group. ISO/IEC 11770-5 also helps in encrypting information with the help of a forward key chain limit, while a backward key chain helps in encrypting past information.
ISO/IEC 11770-5 helps you understand the techniques that enable a secret key to be shared by all members of a defined group with the assistance of a trusted third party known as a key distribution centre.
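The tree-based logical key structure with individual rekeying can be illustrated with a generic binary logical key hierarchy. This is an added example, not text or code from ISO/IEC 11770-5, and it does not follow the standard's message contents; the `KDC` class, the `wrap` helper (a toy stand-in for real authenticated key wrapping) and the eight-member group are assumptions made for illustration.

```python
import hashlib, hmac, os

def wrap(kek, label, key):
    # Toy stand-in for authenticated key wrapping (assumption, not for production):
    # XOR with an HMAC-derived pad, so applying it twice recovers the key.
    pad = hmac.new(kek, label, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, pad))

class KDC:
    def __init__(self, n):
        # n members (a power of two); heap-indexed tree, root = 1, leaves = n..2n-1.
        self.n = n
        self.keys = {node: os.urandom(32) for node in range(1, 2 * n)}

    def member_keys(self, m):
        """Keys member m holds: its leaf key and every key on the path to the root."""
        node, held = self.n + m, {}
        while node >= 1:
            held[node] = self.keys[node]
            node //= 2
        return held

    def remove(self, m):
        """Individual rekeying after member m leaves; returns multicast rekey messages."""
        leaf, msgs = self.n + m, []
        del self.keys[leaf]
        node = leaf // 2
        while node >= 1:
            self.keys[node] = new = os.urandom(32)  # replace every key the leaver knew
            for child in (2 * node, 2 * node + 1):
                if child in self.keys:  # the departed leaf is skipped
                    label = b"%d>%d" % (child, node)
                    msgs.append((node, child, wrap(self.keys[child], label, new)))
            node //= 2
        return msgs

def process(held, msgs):
    """A member applies, bottom-up, each rekey message wrapped under a key it holds."""
    for node, child, blob in msgs:
        if child in held:
            held[node] = wrap(held[child], b"%d>%d" % (child, node), blob)
    return held

def demo(n=8, leaver=5):
    kdc = KDC(n)
    held = {m: kdc.member_keys(m) for m in range(n)}
    msgs = kdc.remove(leaver)
    for m in held:  # the leaver also sees the multicast, but only holds stale keys
        process(held[m], msgs)
    current = [m for m in held if held[m][1] == kdc.keys[1]]
    return len(msgs), current  # (rekey messages sent, members holding the new group key)
```

For eight members, removing one costs five wrapped keys rather than one per remaining member, and the departed member's stale path keys do not yield the new root (group) key.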
What’s changed since the last update?
BS ISO/IEC 11770-5:2020 supersedes BS ISO/IEC 11770-5:2011. BS ISO/IEC 11770-5:2020 includes some technical changes with respect to BS ISO/IEC 11770-5:2011. These include:
- The document has been modified to be consistent with the use of the key derivation specifications from ISO/IEC 11770-6.
- The use of a "trapdoor" in key derivation has been removed. Consequently, unlimited forward key chains can no longer be calculated.