48:
1280:
319:
See RFC 2985. Defines selected attribute types for use in PKCS #6 extended certificates, PKCS #7 digitally signed messages, PKCS #8 private-key information, and PKCS #10 certificate-signing requests.
686:
544:
1260:
1090:
202:
A cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel.
760:
417:
This container format can contain multiple embedded objects, such as multiple certificates. Usually protected/encrypted with a password. Usable as a format for the
943:
690:
1318:
718:
704:
657:
643:
615:
601:
548:
530:
812:
587:
94:
LLC, starting in the early 1990s. The company published the standards to promote the use of the cryptography techniques for which they had
936:
629:
1313:
516:
196:
1308:
1139:
456:
929:
497:
282:
267:
1255:
1210:
1023:
437:
340:
481:
to identify themselves to applications, independent of the application's
Cryptoki implementation (PKCS #11) or other
30:
For technical reasons, titles such as "PKCS #1" redirect here. For links to individual articles, see the table below.
277:. Used also for certificate dissemination (for instance as a response to a PKCS #10 message). Formed the basis for
33:
This article is about public-key cryptography standards. For the human gene involved in cholesterol metabolism, see
1134:
107:
1250:
805:
274:
1240:
1230:
1085:
368:
1235:
1225:
1028:
988:
981:
971:
966:
376:
336:
87:
976:
408:
185:
No longer active as of 2010. Covered RSA encryption of message digests; subsequently merged into PKCS #1.
166:
115:
1283:
1129:
1075:
1245:
1169:
798:
780:
110:(because the company retained control over them), some of the standards have begun to move into the "
1008:
739:
478:
364:
562:
1114:
1098:
1045:
17:
1174:
1164:
1035:
754:
103:
161:
See RFC 8017. Defines the mathematical properties and format of RSA public and private keys (
1109:
383:
systems. RSA Security has turned over further development of the PKCS #11 standard to the
169:
schemes for performing RSA encryption, decryption, and producing and verifying signatures.
380:
111:
61:
Please help update this article to reflect recent events or newly available information.
1184:
1104:
1065:
1013:
998:
735:
670:
372:
286:
218:
No longer active as of 2010. Covered RSA key syntax; subsequently merged into PKCS #1.
1302:
1265:
1220:
1179:
1159:
1055:
1018:
993:
422:
418:
412:
305:
See RFC 5958. Used to carry private certificate keypairs (encrypted or unencrypted).
99:
1215:
1060:
1050:
1040:
1003:
952:
485:. RSA has relinquished IC-card-related parts of this standard to ISO/IEC 7816-15.
91:
421:
and to establish client authentication certificates in
Mozilla Firefox. Usable by
1194:
404:
384:
1154:
1124:
1119:
1080:
774:
1144:
746:
1189:
1149:
674:
902:
897:
892:
887:
882:
877:
392:
348:
324:
1070:
872:
867:
862:
857:
852:
847:
842:
837:
832:
294:
278:
259:
233:
150:
95:
251:
162:
34:
123:
119:
925:
794:
444:(Apparently abandoned, only reference is a proposal from 1998.)
165:-encoded in clear-text), and the basic algorithms and encoding/
482:
360:
41:
705:"PKCS #15: Cryptographic Token Information Format Standard"
403:
See RFC 7292. Defines a file format commonly used to store
273:
See RFC 2315. Used to sign and/or encrypt messages under a
719:
PKCS #15: Cryptographic Token
Information Format Standard
687:"PKCS #12: Personal Information Exchange Syntax Standard"
254:
certificate specification. Obsoleted by v3 of the same.
1091:
Cryptographically secure pseudorandom number generator
917:
786:
563:"PKCS #5 v2.0: Password-Based Cryptography Standard"
281:, which is as of 2010 based on RFC 5652, an updated
1203:
959:
658:"PKCS #11: Cryptographic Token Interface Standard"
616:"PKCS #8: Private-Key Information Syntax Standard"
644:"PKCS #10: Certification Request Syntax Standard"
602:"PKCS #7: Cryptographic Message Syntax Standard"
531:"PKCS #3: Diffie-Hellman Key Agreement Standard"
474:Cryptographic Token Information Format Standard
588:"PKCS #6: Extended-Certificate Syntax Standard"
545:"PKCS #5: Password-Based Cryptography Standard"
339:to request certification of a public key. See
400:Personal Information Exchange Syntax Standard
937:
806:
8:
759:: CS1 maint: multiple names: authors list (
462:(Apparently abandoned, no documents exist.)
335:See RFC 2986. Format of messages sent to a
944:
930:
922:
918:
813:
799:
791:
787:
27:Group of public-key cryptography standards
106:algorithm and several others. Though not
740:"New Attacks on PKCS #1 v1.5 Encryption"
302:Private-Key Information Syntax Standard
128:
508:
752:
477:Defines a standard allowing users of
283:Cryptographic Message Syntax Standard
247:Extended-Certificate Syntax Standard
7:
517:"PKCS #1: RSA Cryptography Standard"
415:. PFX is a predecessor to PKCS #12.
630:"PKCS #9: Selected Attribute Types"
229:Password-based Encryption Standard
90:standards devised and published by
689:. RSA Laboratories. Archived from
568:. RSA Laboratories. March 25, 1999
547:. RSA Laboratories. Archived from
411:, protected with a password-based
25:
734:Jean-SĂ©bastien Coron, Marc Joye,
385:OASIS PKCS 11 Technical Committee
250:Defines extensions to the old v1
84:Public Key Cryptography Standards
18:Public-Key Cryptography Standards
1279:
1278:
671:Security Token/Smartcard Support
363:defining a generic interface to
46:
783:(technical committee home page)
457:Pseudo-random Number Generation
332:Certification Request Standard
1319:Standards of the United States
1140:Information-theoretic security
738:, and Pascal Paillier (2000).
356:Cryptographic Token Interface
1:
359:Also known as "Cryptoki". An
118:in recent years, such as the
498:Cryptographic Message Syntax
470:
452:
433:
396:
352:
328:
312:
298:
268:Cryptographic Message Syntax
263:
243:
225:
209:
197:Diffie–Hellman Key Agreement
192:
176:
154:
1256:Message authentication code
1211:Cryptographic hash function
1024:Cryptographic hash function
438:Elliptic-curve cryptography
341:certificate signing request
1335:
1135:Harvest now, decrypt later
777:(appendix G from RFC 3447)
158:RSA Cryptography Standard
32:
29:
1274:
1251:Post-quantum cryptography
921:
828:
790:
316:Selected Attribute Types
55:This article needs to be
1241:Quantum key distribution
1231:Authenticated encryption
1086:Random number generation
369:hardware security module
114:" processes of relevant
1314:Public-key cryptography
1236:Public-key cryptography
1226:Symmetric-key algorithm
1029:Key derivation function
989:Cryptographic primitive
982:Authentication protocol
972:Outline of cryptography
967:History of cryptography
409:public key certificates
377:public-key cryptography
337:certification authority
116:standards organizations
88:public-key cryptography
1309:Cryptography standards
977:Cryptographic protocol
285:(CMS). Often used for
131:PKCS Standards Summary
1130:End-to-end encryption
1076:Cryptojacking malware
1246:Quantum cryptography
1170:Trusted timestamping
479:cryptographic tokens
365:cryptographic tokens
1009:Cryptographic nonce
749:. pp. 369–381.
717:RSA Laboratories: "
707:. RSA Laboratories.
660:. RSA Laboratories.
646:. RSA Laboratories.
632:. RSA Laboratories.
618:. RSA Laboratories.
604:. RSA Laboratories.
590:. RSA Laboratories.
533:. RSA Laboratories.
519:. RSA Laboratories.
133:
1115:Subliminal channel
1099:Pseudorandom noise
1046:Key (cryptography)
407:with accompanying
129:
108:industry standards
1296:
1295:
1292:
1291:
1175:Key-based routing
1165:Trapdoor function
1036:Digital signature
915:
914:
911:
910:
693:on April 1, 2014.
551:on April 7, 2015.
489:
488:
371:). Often used in
232:See RFC 8018 and
104:Schnorr signature
86:) are a group of
78:In cryptography,
76:
75:
16:(Redirected from
1326:
1282:
1281:
1110:Insecure channel
946:
939:
932:
923:
919:
815:
808:
801:
792:
788:
781:OASIS PKCS 11 TC
764:
758:
750:
744:
722:
715:
709:
708:
701:
695:
694:
683:
677:
668:
662:
661:
654:
648:
647:
640:
634:
633:
626:
620:
619:
612:
606:
605:
598:
592:
591:
584:
578:
577:
575:
573:
567:
559:
553:
552:
541:
535:
534:
527:
521:
520:
513:
134:
71:
68:
62:
50:
49:
42:
21:
1334:
1333:
1329:
1328:
1327:
1325:
1324:
1323:
1299:
1298:
1297:
1288:
1270:
1199:
955:
950:
916:
907:
824:
819:
771:
751:
742:
733:
725:
716:
712:
703:
702:
698:
685:
684:
680:
669:
665:
656:
655:
651:
642:
641:
637:
628:
627:
623:
614:
613:
609:
600:
599:
595:
586:
585:
581:
571:
569:
565:
561:
560:
556:
543:
542:
538:
529:
528:
524:
515:
514:
510:
506:
494:
381:disk encryption
126:working group.
112:standards track
72:
66:
63:
60:
51:
47:
38:
31:
28:
23:
22:
15:
12:
11:
5:
1332:
1330:
1322:
1321:
1316:
1311:
1301:
1300:
1294:
1293:
1290:
1289:
1287:
1286:
1275:
1272:
1271:
1269:
1268:
1263:
1261:Random numbers
1258:
1253:
1248:
1243:
1238:
1233:
1228:
1223:
1218:
1213:
1207:
1205:
1201:
1200:
1198:
1197:
1192:
1187:
1185:Garlic routing
1182:
1177:
1172:
1167:
1162:
1157:
1152:
1147:
1142:
1137:
1132:
1127:
1122:
1117:
1112:
1107:
1105:Secure channel
1102:
1096:
1095:
1094:
1083:
1078:
1073:
1068:
1066:Key stretching
1063:
1058:
1053:
1048:
1043:
1038:
1033:
1032:
1031:
1026:
1016:
1014:Cryptovirology
1011:
1006:
1001:
999:Cryptocurrency
996:
991:
986:
985:
984:
974:
969:
963:
961:
957:
956:
951:
949:
948:
941:
934:
926:
913:
912:
909:
908:
906:
905:
900:
895:
890:
885:
880:
875:
870:
865:
860:
855:
850:
845:
840:
835:
829:
826:
825:
820:
818:
817:
810:
803:
795:
785:
784:
778:
770:
769:External links
767:
766:
765:
736:David Naccache
730:
729:
724:
723:
710:
696:
678:
663:
649:
635:
621:
607:
593:
579:
554:
536:
522:
507:
505:
502:
501:
500:
493:
490:
487:
486:
475:
472:
469:
468:PKCS #15
465:
464:
459:
454:
451:
447:
446:
441:
435:
432:
428:
427:
401:
398:
395:
389:
388:
373:single sign-on
357:
354:
351:
345:
344:
333:
330:
327:
321:
320:
317:
314:
311:
307:
306:
303:
300:
297:
291:
290:
287:single sign-on
271:
265:
262:
256:
255:
248:
245:
242:
238:
237:
230:
227:
224:
220:
219:
216:
211:
208:
204:
203:
200:
194:
191:
187:
186:
183:
178:
175:
171:
170:
159:
156:
153:
147:
146:
143:
140:
137:
98:, such as the
74:
73:
54:
52:
45:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
1331:
1320:
1317:
1315:
1312:
1310:
1307:
1306:
1304:
1285:
1277:
1276:
1273:
1267:
1266:Steganography
1264:
1262:
1259:
1257:
1254:
1252:
1249:
1247:
1244:
1242:
1239:
1237:
1234:
1232:
1229:
1227:
1224:
1222:
1221:Stream cipher
1219:
1217:
1214:
1212:
1209:
1208:
1206:
1202:
1196:
1193:
1191:
1188:
1186:
1183:
1181:
1180:Onion routing
1178:
1176:
1173:
1171:
1168:
1166:
1163:
1161:
1160:Shared secret
1158:
1156:
1153:
1151:
1148:
1146:
1143:
1141:
1138:
1136:
1133:
1131:
1128:
1126:
1123:
1121:
1118:
1116:
1113:
1111:
1108:
1106:
1103:
1100:
1097:
1092:
1089:
1088:
1087:
1084:
1082:
1079:
1077:
1074:
1072:
1069:
1067:
1064:
1062:
1059:
1057:
1056:Key generator
1054:
1052:
1049:
1047:
1044:
1042:
1039:
1037:
1034:
1030:
1027:
1025:
1022:
1021:
1020:
1019:Hash function
1017:
1015:
1012:
1010:
1007:
1005:
1002:
1000:
997:
995:
994:Cryptanalysis
992:
990:
987:
983:
980:
979:
978:
975:
973:
970:
968:
965:
964:
962:
958:
954:
947:
942:
940:
935:
933:
928:
927:
924:
920:
904:
901:
899:
896:
894:
891:
889:
886:
884:
881:
879:
876:
874:
871:
869:
866:
864:
861:
859:
856:
854:
851:
849:
846:
844:
841:
839:
836:
834:
831:
830:
827:
823:
816:
811:
809:
804:
802:
797:
796:
793:
789:
782:
779:
776:
773:
772:
768:
762:
756:
748:
741:
737:
732:
731:
727:
726:
720:
714:
711:
706:
700:
697:
692:
688:
682:
679:
676:
672:
667:
664:
659:
653:
650:
645:
639:
636:
631:
625:
622:
617:
611:
608:
603:
597:
594:
589:
583:
580:
564:
558:
555:
550:
546:
540:
537:
532:
526:
523:
518:
512:
509:
503:
499:
496:
495:
491:
484:
480:
476:
473:
467:
466:
463:
460:
458:
455:
449:
448:
445:
442:
439:
436:
430:
429:
426:
424:
423:Apache Tomcat
420:
419:Java KeyStore
414:
413:symmetric key
410:
406:
402:
399:
394:
391:
390:
386:
382:
378:
374:
370:
366:
362:
358:
355:
350:
347:
346:
342:
338:
334:
331:
326:
323:
322:
318:
315:
309:
308:
304:
301:
296:
293:
292:
288:
284:
280:
276:
272:
269:
266:
261:
258:
257:
253:
249:
246:
240:
239:
235:
231:
228:
222:
221:
217:
215:
212:
206:
205:
201:
198:
195:
189:
188:
184:
182:
179:
173:
172:
168:
164:
160:
157:
152:
149:
148:
144:
141:
138:
136:
135:
132:
127:
125:
121:
117:
113:
109:
105:
101:
100:RSA algorithm
97:
93:
89:
85:
81:
70:
58:
53:
44:
43:
40:
36:
19:
1216:Block cipher
1061:Key schedule
1051:Key exchange
1041:Kleptography
1004:Cryptosystem
953:Cryptography
821:
713:
699:
691:the original
681:
666:
652:
638:
624:
610:
596:
582:
570:. Retrieved
557:
549:the original
539:
525:
511:
461:
443:
416:
405:private keys
213:
180:
130:
92:RSA Security
83:
79:
77:
64:
56:
39:
1204:Mathematics
1195:Mix network
1303:Categories
1155:Ciphertext
1125:Decryption
1120:Encryption
1081:Ransomware
775:About PKCS
504:References
367:(see also
67:March 2024
1145:Plaintext
747:EUROCRYPT
450:PKCS #14
440:Standard
431:PKCS #13
270:Standard
214:Withdrawn
199:Standard
181:Withdrawn
145:Comments
1284:Category
1190:Kademlia
1150:Codetext
1093:(CSPRNG)
903:PKCS #15
898:PKCS #14
893:PKCS #13
888:PKCS #12
883:PKCS #11
878:PKCS #10
755:cite web
675:FreeOTFE
492:See also
393:PKCS #12
349:PKCS #11
325:PKCS #10
310:PKCS #9
241:PKCS #6
223:PKCS #5
207:PKCS #4
190:PKCS #3
174:PKCS #2
122:and the
960:General
873:PKCS #9
868:PKCS #8
863:PKCS #7
858:PKCS #6
853:PKCS #5
848:PKCS #4
843:PKCS #3
838:PKCS #2
833:PKCS #1
728:General
572:May 30,
295:PKCS #8
260:PKCS #7
167:padding
151:PKCS #1
139:Version
96:patents
57:updated
1071:Keygen
279:S/MIME
234:PBKDF2
102:, the
1101:(PRN)
743:(PDF)
566:(PDF)
252:X.509
163:ASN.1
35:PCSK9
822:PKCS
761:link
574:2024
379:and
142:Name
124:PKIX
120:IETF
80:PKCS
673:in
483:API
471:1.1
397:1.1
361:API
353:3.0
329:1.7
313:2.0
299:1.2
275:PKI
264:1.5
244:1.5
226:2.1
193:1.4
155:2.2
1305::
757:}}
753:{{
745:.
721:".
425:.
387:.
375:,
343:.
289:.
236:.
945:e
938:t
931:v
814:e
807:t
800:v
763:)
576:.
453:–
434:–
210:-
177:-
82:(
69:)
65:(
59:.
37:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.