Over deze norm
||Informatiebeveiliging, Cyber security en Privacy
This International Standard specifies six methods for authenticated encryption, i.e. defined ways of processing a data string with the following security objectives: ? data confidentiality, i.e. protection against unauthorized disclosure of data, ? data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified, ? data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator. All six methods specified in this International Standard are based on a block cipher algorithm, and require the originator and the recipient of the protected data to share a secret key for this block cipher. Key management is outside the scope of this standard; key management techniques are defined in ISO/IEC 11770. Four of the mechanisms in this standard, namely mechanisms 1, 3, 4 and 6, allow data to be authenticated which is not encrypted. That is, these mechanisms allow a data string that is to be protected to be divided into two parts, D, the data string that is to be encrypted and integrity-protected, and A (the additional authenticated data) that is integrity-protected but not encrypted. In all cases, the string A may be empty.