Home | Site Map | Contact Us

Standards notified in India

(a) PKIX (Public Key Infrastructure)

Public Key Infrastructure as recommended by Internet Engineering Task Force (IETF) document draft-ietf-pkix-roadmap-05 for “Internet X.509 Public Key Infrastructure” (March 10, 2000);

(b) Public-key cryptography based on the emerging Institute of Electrical and Electronics Engineers (IEEE) standard P1363 for three families:

Discrete Logarithm (DL) systems

Elliptic Curve Discrete Logarithm (EC) systems

Integer Factorization (IF) systems;

(c) Public-key Cryptography Standards (PKCS)

PKCS#1 RSA Encryption Standard (512, 1024, 2048 bit)

PKCS#3 Diffie-Hellman Key Agreement Standard

PKCS#5 Password Based Encryption Standard

PKCS#6 Extended-Certificate Syntax Standard

PKCS#7 Cryptographic Message Syntax standard

PKCS#8 Private Key Information Syntax standard

PKCS#9 Selected Attribute Types

PKCS#10 RSA Certification Request

PKCS#11 Cryptographic Token Interface Standard

PKCS#12 Portable format for storing/transporting a user’s private keys and certificates

PKCS#13 Elliptic Curve Cryptography Standard

PKCS#15 Cryptographic Token Information Format Standard;

(d) Federal Information Processing Standards (FIPS)

FIPS 180-1, Secure Hash Standard

FIPS 186-1, Digital Signature Standard (DSS)

FIPS 140-1 level 3, Security Requirement for Cryptographic Modules;

(e) Discrete Logarithm (DL) systems

Diffie-Hellman, MQV key agreement

DSA, Nyberg-Rueppel signatures;

(f) Elliptic Curve (EC) systems

Elliptic curve analogs of DL systems;

(g) Integer Factorization (IF) systems

RSA encryption

RSA, Rabin-Williams signatures;

(h) Key agreement schemes

(i) Signature schemes

DL/EC scheme with message recovery

PSS, FDH, PKCS #1 encoding methods for IF family

PSS-R for message recovery in IF family;

(ii) Encryption schemes

Abdalla-Bellare-Rogaway DHAES for DL/EC family;

(i) Form and size of the key pairs

(1) The minimum key length for Asymmetric cryptosystem (RSA Algorithm) shall be 2048 for the Certifying Authority’s key pairs and 1024 for the key pairs used by subscribers.

(2) The Certifying Authority’s key pairs shall be changed every three to five years (except during exigencies as in the case of key compromise when the key shall be changed immediately). The Certifying Authority shall take appropriate steps to ensure that key changeover procedures as mentioned in the approved Certificate Practice Statements are adhered to.

(3) The subscriber’s key pairs shall be changed every one to two years;

(j) Directory Services (LDAP ver 3)

X.500 for publication of Public Key Certificates and Certificate Revocation Lists

X.509 version 3 Certificates as specified in ITU RFC 1422

X.509 version 2 Certificate Revocation Lists;
Root Certificate 2007 Root Certificate 2007 Certificate Revocation Details 2007
FAQ

How do I get a Digital Signature Certificate? 

Who are the CAs licensed by the CCA? 

more...
What's New?
Contact Details

Controller of Certifying Authorities
Electronics Niketan,
6 CGO Complex, Lodhi Road,
New Delhi - 110003
FAX : 91-011-24369578
info@cca.gov.in
©2008 CCA. All rights reserved.
Best Viewed In: 1024 X 768 		AUDITORS | ADJUDICATING OFFICER | RTI disclaimer