AS 2805.6.1.4-2009 pdf free download

AS 2805.6.1.4-2009 pdf free download.Electronic funds transfer Requirements for interfaces
Part 6.1.4: Key management Asymmetric cryptosystems Key management and life cycle.
6.2.1 General
The asymmetric key pair generation is the process by which a new pair of keys composed of a private key and the related public key is generated for use in a specific asymmetric cryptosystem. The two keys of an asymmetric key pair are mathematically related as defined by the design of the particular asymmetric cryptosystem. The relationship is such that it is computationally infeasible to determine the private key from the public key.
The key pair generation process is achieved by or on behalf of a single party. This party becomes the owner of the key pair.
Each private key and each private key component shall be generated in such a way that it is not feasible to predict any private key nor to determine that certain private keys are significantly more probable than others from the set of possible private keys. See Bibliography [4]. The process shall incorporate random or pseudo- random values.
An asymmetric key pair shall be generated in such a way that the secrecy of the private key and the integrity of the public key is assured. For the generation of an asymmetric key pair for non-repudiation service, the integnty of the public key and the secrecy of the private key shall be provable to a third party.
The private key shall not be available in human-comprehensible form.
If the key pair is generated by a system that will not use it:
the private key and all related secret seed elements shall be deleted immediately after the transfer has been ensured:
the integrity of the private key shall be ensured.
Asymmetric key pairs. when generated, should have a replacement date to establish their life cycle.
The size of the asymmetric key pair shall be chosen to be sufficiently large to render attacks computationally infeasible.
Generation of an asymmetric key pair shall be performed by a certification authority (CA). the key pair owner or an authorized third party. The roles and responsibilities of the entity performing the key pair generation are described in 6.2.2 to 6.2.4,
6.2.2 Certification authority
The CA shall generate the asymmetric key pair in an SCD and shall transfer the private key to the key pair owner in accoi-dance with the requirements in 6.5. The CA shall transfer the public key to the key pair owner in a certificate.
The CA shall neither record nor retain the private key or any other information that could possibly compromise the private key or allow it to be recreated.AS 2805.6.1.4-2009 pdf free download.