Skip to main content
SpringerLink
Log in

Nutzen und Grenzen von Kryptographie-Standards und ihrer APIs

  • Chapter
Systemsicherheit

Part of the book series: DuD-Fachbeiträge ((DUD))

  • 161 Accesses

Zusammenfassung

Dieses Papier untersucht Kryptographie-Standards und ihre APIs aus dem Blickwinkel des Systemarchitekten und Anwendungsentwicklers. Dabei werden Kryptographie-Standards ziemlich weitgefaßt als alle Verfahren, Datenformate und Protokolle definiert, die auf kryptographischen Algorithmen beruhen, hinreichend verbreitet sind, oder es in Zukunft sein werden.

Zunächst wird ein Überblick über bereits existierende und derzeit entstehende Standards gegeben. Anschließend diskutieren wir ihre Brauchbarkeit für die Anwendungsentwicklung und stellen Defizite heraus. Wir kommen zu dem Schluß, daß die nötigen Datenformate und Protokolle vorhanden sind, jedoch für die zugehörigen APIs umfassendere und bessere Standards benötigt werden.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 74.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. IETF (Internet Engineering Task Force). http://www.ietf.org/

    Google Scholar 

  2. Internet RFCs. http://www.ietf.org/rfc.html

    Google Scholar 

  3. Privacy Enhanced Mail (PEM), RFC 1421, RFC 1422, RFC 1423, RFC 1424, proposed standard, 1993.

    Google Scholar 

  4. Generic Security Service Application Programming Interface (GSS-API vl), RFC 1508, proposed standard, 1993.

    Google Scholar 

  5. Generic Security Service API: C-bindings, RFC 1509, proposed standard, 1993.

    Google Scholar 

  6. Generic Security Service Application Programming Interface, Version 2 (GSS-API v2), RFC 2078, proposed standard, 1997.

    Google Scholar 

  7. SPKM (Simple Public-Key GSS-API Mechanism), RFC 2025, proposed standard, 1996.

    Google Scholar 

  8. Kerberos Version 5 GSS-API Mechanism, RFC 1964, proposed standard, 1996

    Google Scholar 

  9. Kerberos Network Authentication Service (V5), RFC 1510, 1993.

    Google Scholar 

  10. Kerberos Network Authentication Service (V5) update. http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-revisions-04.txt

    Google Scholar 

  11. Bellovin, S. M.; Merritt, M.: Limitations of the Kerberos Authentication System. In Proceedings of the Winter 1991 Usenix Conference. Januar 1991. http://research.att.com/dist/internet-security/kerblimit.usenix.ps

  12. Kohl, John T.; Neuman, B. Clifford; T’so, Theodore Y.: The Evolution of the Kerbe-ros Authentication System. In Distributed Open Systems, IEEE Computer Society Press, 1994, S. 78–94. athena-dist.mit.edu/pub/kerberos/doc/krb_evol.PS

    Google Scholar 

  13. PKINIT (Public Key Cryptography for Initial Authentication in Kerberos). http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-init-l0.txt

    Google Scholar 

  14. SASL (Simple Authentication and Security Layer), RFC 2222. http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-OO.txt

    Google Scholar 

  15. SPNEGO (The Simple and Protected GSS-API Negotiation Mechanism), RFC 2478, proposed standard, 1998

    Google Scholar 

  16. PKCS (Public Key Cryptography Standards); RSA Security Inc. http://www.rsasecurity.com/rsalabs/pkcs

    Google Scholar 

  17. PKCS #7 (s. auch [19]). http://www.rsasecurity.com/rsalabs/pkcs/pkcs-7/

    Google Scholar 

  18. PKCS #1, RFC 2437. http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/

    Google Scholar 

  19. CMS (Cryptographic Message Syntax), RFC 2630, proposed standard, 1999.

    Google Scholar 

  20. S/MIME Version 2, RFC 2311, RFC 2312, informational, 1998. http://www.rsasecurity.com/standards/smime/index.htm

    Google Scholar 

  21. S/MIME Version 3, RFC 2632, RFC 2633, RFC 2634, proposed standard, 1999.

    Google Scholar 

  22. S/MIME Interoperability Master Matrix. http://www.securitydynamics.com/standards/smime/interop_enter.html

    Google Scholar 

  23. Worldtalk (Hersteller der S/MIME-Referenzimplementation). http://www.worldtalk.com/

    Google Scholar 

  24. TeleTrusT Deutschland e. V., http://www.teletrust.de/

    Google Scholar 

  25. MailTrusT — Pilotprojekt Digitale Signatur für den Dokumentenaustausch des TeleTrusT Deutschland e. V. http://www.mailtrust.de/ http://www.teletrust.de/ http://www.darmstadt.gmd.de/mailtrust/

    Google Scholar 

  26. PGP (Pretty Good Privacy). http://www.pgp.com/ http://www.pgpi.org/

    Google Scholar 

  27. Sicherheit im Internet — Initiative der Bundesministerien für Sicherheit in der Informationstechnik, für Wirtschaft und Technologie und des Innern. http://www.sicherheit-im-internet.de/

    Google Scholar 

  28. The GNU Privacy Guard. http://www.gnupg.org/

    Google Scholar 

  29. Message Exchange Formats PGP (Pretty Good Privacy), RFC 1991, informational, 1996.

    Google Scholar 

  30. OpenPGP Message Format, RFC 2440, proposed standard, 1998.

    Google Scholar 

  31. MIME Security with PGP, RFC 2015, proposed standard, 1996.

    Google Scholar 

  32. Independent Data Unit Protection Generic Security Service Application Program Interface (IDUP-GSS-API) v2, RFC 2479, informational, 1998.

    Google Scholar 

  33. XML (Extensible Markup Language). http://www.w3.org/XML/

    Google Scholar 

  34. XML Digital Signatures. http://www.ietf.org/html.charters/xmldsig-charter.html http://www.w3.org/Signature/

    Google Scholar 

  35. Common Data Security Architecture (CDSA); Open Group. http://www.opengroup.org/security/cdsa http://developer.intel.com/ial/security/specifications.htm

    Google Scholar 

  36. PC/SC Workgroup. http://www.pcscworkgroup.com/

    Google Scholar 

  37. PC/SC Implementation für Linux. http://www.linuxnet.com/middleware/middleware.html

    Google Scholar 

  38. Secure Socket Layer 3.0 (SSL) specification. http://www.netscape.com/eng/ssl3

    Google Scholar 

  39. Freie SSL/TLS-Implementierung (Open-Source Projekt). http://www.openssl.org

    Google Scholar 

  40. Wagner, D.; Schneier, B.: Analysis of the SSL 3.0 protocol. Proceedings of the Second USENIX Workshop on Electronic Commerce, USENIX Press, 1996, S. 29–40. www.counterpane.com/ssl. html

    Google Scholar 

  41. TLS (Transport Layer Security), RFC 2246, proposed standard, 1999.

    Google Scholar 

  42. IETF-TLS Working Group; Transport Layer Security. http://www.consensus.com/ietf-tls/ietf-tls-home.html http://www.ietf.org/html.charters/tls-charter.html

    Google Scholar 

  43. RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography. http://www.rsasecurity.com/rsalabs/faq

    Google Scholar 

  44. MIME (Multipurpose Internet Mail Extensions), RFC 2045, RFC 2046, RFC 2047, RFC 2048, RFC 2049, draft standard, 1996.

    Google Scholar 

  45. MOSS (MIME Object Security Services), RFC 1848, proposed standard, 1995.

    Google Scholar 

  46. Fumy, W.; Meister, G.; Reitenspieß, M.; Schäfer, W. (Ed.): Sicherheitsschnittstellen — Konzepte, Anwendungen und Einsatzbeispiele. Proceedings des VIS-Workshops Security APIs’ 94, Deutscher Universitäts-Verlag, Wiesbaden 1994.

    Google Scholar 

  47. W3C (Word Wide Web Consortium). http://www.w3.org/

    Google Scholar 

  48. FIPS PUB 186-1: Digital Signature Standard (DSS). U.S. Department of Commerce/National Institute of Standards and Technology. RFC 2104.

    Google Scholar 

  49. FIPS PUB 180-1: Secure Hash Standard. U.S. Department of Commerce/National Institute of Standards and Technology. http://csrc.nist.gov/fips/fip 180-1.pdf

    Google Scholar 

  50. ECDSA ANSI X9.62.

    Google Scholar 

  51. WAP (Wireless Application Protocol) Forum. http://www.wapforum.com/

    Google Scholar 

  52. WTLS (Wireless Transport Layer Security). http://www.wapforum.org/what/technical/SPEC-WTLS-19990211.pdf

    Google Scholar 

  53. Saarinen, M-J.: Attacks against the WAP WTLS Protocol. Proceedings CMS’ 99 Communications and Multimedia Security, Kluwer Academic Publishers, Boston 1999.

    Google Scholar 

  54. RPCSEC_GSS Protocol Specification, RFC 2203, proposed standard, 1997.

    Google Scholar 

  55. Authentication Mechanisms for ONC RPC, RFC 2695, informational, 1999.

    Google Scholar 

  56. IPsec — Security Architecture for the Internet Protocol, RFC 2401, proposed standard, 1998.

    Google Scholar 

  57. The Globus Project — Gemeinsames Projekt folgender Partner: Information Sciences Institute of the University of Southern California, Mathematics and Computer Science Division of Argonne National Laboratory, Aerospace Corporation. http://www.globus.org/

  58. JCA (Java Cryptography Architecture). http://www.javasoft.com/products/jdk/l.2/docs/guide/security/CryptoSpec.html

    Google Scholar 

  59. JSSE (Java Secure Socket Extension). http://java.sun.com/products/jsse/

    Google Scholar 

  60. JCE (Java Cryptography Extension). http://www.Javasoft.com/products/jce/

    Google Scholar 

  61. Java Smart Card API. http://java.sun.com/products/commerce/javax.smartcard/

    Google Scholar 

  62. Java Wallet. http://java.sun.com/products/commerce/

    Google Scholar 

  63. Open Card Framework. http://www.opencard.org/

    Google Scholar 

  64. CORBA (Common Object Request Broker Architecture). http://www.corba.org/

    Google Scholar 

  65. DOM (Document Object Model). http://www.w3.org/D0M/

    Google Scholar 

  66. SECUDE Sicherheitstechnologie Informationssysteme GmbH. http://www.secude.com/

    Google Scholar 

  67. IBM SecureWay. http://www.ibm.com/software/secureway/

    Google Scholar 

  68. Schneider, B.: Comments on the “NSAKEY” in Microsoft’s Crypto API. Crypto-Gram newsletter, September 1999. http://www.counterpane.com/nsakey.html

  69. SET (Security Electronic Transaction LLC) Specifications, http://www.setco.org/set-specifications.html

    Google Scholar 

  70. MailProtect (S/MIME-Plugin für Lotus Notes). http://www.mailprotect.de/

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Deutsche Bank AG, Deutschland

    Martin Bartosch & Jörg Schneider

Authors
  1. Martin Bartosch
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jörg Schneider
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Patrick Horster

Rights and permissions

Reprints and permissions

Copyright information

© 2000 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig/Wiesbaden

About this chapter

Cite this chapter

Bartosch, M., Schneider, J. (2000). Nutzen und Grenzen von Kryptographie-Standards und ihrer APIs. In: Horster, P. (eds) Systemsicherheit. DuD-Fachbeiträge. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-84957-1_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-322-84957-1_17

  • Publisher Name: Vieweg+Teubner Verlag

  • Print ISBN: 978-3-322-84958-8

  • Online ISBN: 978-3-322-84957-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation