Specification of Crypto Service Manager, AUTOSAR R22-11, CP, No.402
AUTOSARは、ISO、IEC、ITUと情報交換契約を結んでいません。
AUTOSAR文書には、ISO、IEC,ITU記述を全文引用することはできません。
WTO/TBT協定に基づき、国際的な調達は国際規格との差異を記述することにより文化依存しない仕様を目指します。
ISO、IEC、ITU文書を合わせて読むと技術内容は理解できます。
CAN、OSEK/VDX OS、DIAGは、ISO定義を先に確認しましょう。
OSEK COM、OSEK NMなどはISOの規定から基本的な部分で定義を変えています。
変更している部分を仕様等で明記するか、ISOを改定するとよいでしょう。
AUTOSARの参考文献欄の改定が進んでいません。
Glossary用語定義の網羅性が低いです。
本文を読む前に確認するとよいかもしれません。
本文を読んでから確認してもよいかもしれません。
AUTOSARが、2022年の版、R22-11公開しました。公開行事の模様は
AUTOSAR R22-11 Release Event 20221208
下記URL順次確認中です。
要求/仕様(Requirement and Specification)
一覧
AUTOSAR R22-11 Classic Platform 一覧はこちら。
Classic Platform Release Overview, AUTOSAR R22-11, CP, No.0(2)
AUTOSAR R22-11 マラソン
Qiitaの記事の一覧は作成中です。
AUTOSAR R22-11 一覧(2)
Abstract Platformとの関係
暗号、セキュリティ文書統合。
<この項は書きかけです。順次追記します。>
文書変更(Document Change)
New Feature: Addition of the CsmCustom service for vendor customized security services.
Removal of certificate functionality (moved to KeyM and replaced by CsmCustom services)
Editorial changes
用語(terms)
| Term | Description |
|---|---|
| AEAD | Authenticated Encryption with Associated Data |
| CDD | Complex Device Driver |
| CSM | Crypto Service Manager |
| CRYIF | Crypto Interface |
| CRYPTO | Crypto Driver |
| DET | Default Error Tracer |
| HSM | Hardware Security Module |
| HW | Hardware |
| SHE | Security Hardware Extension |
| SW | Software |
| Crypto Driver Object | A Crypto Driver implements one or more Crypto Driver Objects. The Crypto Driver Object can offer different crypto primitives in hardware or software. The Crypto Driver Objects of one Crypto Driver are independent of each other. There is only one workspace for each Crypto Driver Object (i.e. only one crypto primitive can be performed at the same time) |
| Key | A Key can be referenced by a job in the Csm. In the Crypto Driver, the key refers a specific key type. |
| Key Type | A key type consists of refers to key elements. The key types are typically pre-configured by the vendor of the Crypto Driver. |
| Key Element | Key elements are used to store data. This data can be e.g. key material or the IV needed for AES encryption. It can also be used to configure the behaviour oft he key management functions. |
| Job | A Job is a configured 'CsmJob'. Among others, it refers to a key, a cryptographic primitive and a reference channel. |
| Channel | A channel is the path from a Crypto Service Manager queue via the Crypto Interface to a specific Crypto Driver Object. |
| Primitive | A primitive is an instance of a configured cryptographic algorithm realized in a Crypto Driver Object. Among others it refers to a functionality provided by the CSM to the application, the concrete underlining 'algorithmfamily' (e.g. AES, MD5, RSA, etc.), and a 'algorithmmode' (e.g. ECB, CBC, etc). |
| Operation | An operation of a crypto primitive declares what part of the crypto primitive shall be performed. There are three different operations: It is also possible to perform more than one operation at once by concatenating the corresponding bits of the operation_mode argument. |
| START | Operation indicates a new request of a crypto primitive, it shall cancel all previous requests perform necessary initializations and checks if the crypto primitive can be processed. |
| UPDATE | Operation indicates, that the crypto primitive expect input data. An update operation may provide intermediate results. |
| FINISH | Operation indicates, that after this part all data are fed completely and the crypto primitive can finalize the calculations. A finish operation may provide final results. |
| Priority | The priority of a job defines the importance of it. The higher the priority (as well in value), the more immediate the job will be executed. The priority of a cryptographic job is part of the configuration. |
| Processing | Indicates the kind of job processing. |
| Asynchronous | The job is not processed immediately when calling a corresponding function. Usually, the caller is informed via a callback function when the job has been finished. |
| Synchronous | The job is processed immediately when calling a corresponding function. When the function returns, a result will be available. |
| Service | A service shall be understand as defined in the TR_Glossary document: A service is a type of operation that has a published specification of interface and behavior, involving a contract between the provider of the capability and the potential clients. |
英日
日本語は仮訳
T.B.D.
参考(reference)
[1] List of Basic Software Modules
AUTOSAR_TR_BSWModuleList.pdf
[2] Layered Software Architecture
AUTOSAR_EXP_LayeredSoftwareArchitecture.pdf
[3] General Requirements on Basic Software Modules
AUTOSAR_SRS_BSWGeneral.pdf
[4] Specification of RTE Software
AUTOSAR_SWS_RTE.pdf
[5] Specification of BSW Scheduler
AUTOSAR_SWS_Scheduler.pdf
[6] Specification of ECU Configuration
AUTOSAR_TPS_ECUConfiguration.pdf
[7] Specification of Memory Mapping
AUTOSAR_SWS_MemoryMapping.pdf
[8] Specification of Default Error Tracer
AUTOSAR_SWS_DefaultErrorTracer.doc.pdf
[9] Specification of Diagnostic Event Manager
AUTOSAR_SWS_DiagnosticEventManager.pdf
[10] Specification of ECU State Manager
AUTOSAR_SWS_ECUStateManager.pdf
[11] Specification of C Implementation Rules
AUTOSAR_TR_CImplementationRules.pdf
[12] Specification of Standard Types
AUTOSAR_SWS_StandardTypes.pdf
[13] AUTOSAR Glossary, AUTOSAR_TR_Glossary.pdf
https://www.autosar.org/fileadmin/standards/R22-11/FO/AUTOSAR_TR_Glossary.pdf
[14] Requirements on the Crypto Stack
AUTOSAR_SRS_CryptoStack.pdf
[15] Specification of the Crypto Interface
AUTOSAR_SWS_CryptoInterface.pdf
[16] Specification of the Crypto Driver
AUTOSAR_SWS_CryptoDriver.pdf
[17] General Specification of Basic Software Modules
AUTOSAR_SWS_BSWGeneral.pdf
[18] IEC 7498-1 The Basic Model, IEC Norm, 1994
前出 ISO/IEC 7498-1
[19] IETF RFC5 639 Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation, 2010
- References
7.1. Normative References
[ANSI1] American National Standards Institute, "Public Key
Cryptography For The Financial Services Industry: The
Elliptic Curve Digital Signature Algorithm (ECDSA)", ANSI
X9.62, 2005.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5480] Turner, S., Brown, D., Yiu, K., Housley, R., and T. Polk,
"Elliptic Curve Cryptography Subject Public Key
Information", RFC 5480, March 2009.
7.2. Informative References
[ANSI2] American National Standards Institute, "Public Key
Cryptography For The Financial Services Industry: Key
Agreement and Key Transport Using The Elliptic Curve
Cryptography", ANSI X9.63, 2001.
[BJ] Brier, E. and M. Joyce, "Fast Multiplication on Elliptic
Curves through Isogenies", Applied Algebra Algebraic
Algorithms and Error-Correcting Codes, Lecture Notes in
Computer Science 2643, Springer Verlag, 2003.
[BG] Brown, J. and R. Gallant, "The Static Diffie-Hellman
Problem", Centre for Applied Cryptographic Research,
University of Waterloo, Technical Report CACR 2004-10,
2005.
[BRS] Bohli, J., Roehrich, S., and R. Steinwandt, "Key
Substitution Attacks Revisited: Taking into Account
Malicious Signers", International Journal of Information
Security Volume 5, Issue 1, January 2006.
[BSS] Blake, I., Seroussi, G., and N. Smart, "Elliptic Curves in
Cryptography", Cambridge University Press, 1999.
[EBP] ECC Brainpool, "ECC Brainpool Standard Curves and Curve
Generation", October 2005, <http://www.ecc-brainpool.org/
download/Domain-parameters.pdf>.
[ETSI] European Telecommunications Standards Institute (ETSI),
"Algorithms and Parameters for Secure Electronic
Signatures, Part 1: Hash Functions and Asymmetric
Algorithms", TS 102 176-1, July 2005.
[FIPS] National Institute of Standards and Technology, "Digital
Signature Standard (DSS)", FIPS PUB 186-2, December 1998.
[G] Goubin, L., "A Refined Power-Analysis-Attack on Elliptic
Curve Cryptosystems", Proceedings of Public-Key-
Cryptography - PKC 2003, Lecture Notes in Computer Science
2567, Springer Verlag, 2003.
[CFDA] Cohen, H., Frey, G., Doche, C., Avanzi, R., Lange, T.,
Nguyen, K., and F. Vercauteren, "Handbook of Elliptic and
Hyperelliptic Curve Cryptography", Chapman & Hall CRC
Press, 2006.
[HMV] Hankerson, D., Menezes, A., and S. Vanstone, "Guide to
Elliptic Curve Cryptography", Springer Verlag, 2004.
[HR] Huang, M. and W. Raskind, "Signature Calculus and the
Discrete Logarithm Problem for Elliptic Curves
(Preliminary Version)", Unpublished Preprint, 2006,
http://www-rcf.usc.edu/~mdhuang/mypapers/062806dl3.pdf.
[ISO1] International Organization for Standardization,
"Information Technology - Security Techniques - Digital
Signatures with Appendix - Part 3: Discrete Logarithm
Based Mechanisms", ISO/IEC 14888-3, 2006.
[ISO2] International Organization for Standardization,
"Information Technology - Security Techniques -
Cryptographic Techniques Based on Elliptic Curves - Part
2: Digital signatures", ISO/IEC 15946-2, 2002.
[ISO3] International Organization for Standardization,
"Information Technology - Security Techniques - Prime
Number Generation", ISO/IEC 18032, 2005.
[JMV] Jao, D., Miller, SD., and R. Venkatesan, "Ramanujan Graphs
and the Random Reducibility of Discrete Log on Isogenous
Elliptic Curves", IACR Cryptology ePrint Archive 2004/312,
2004.
[RFC3279] Bassham, L., Polk, W., and R. Housley, "Algorithms and
Identifiers for the Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 3279, April 2002.
[RFC4050] Blake-Wilson, S., Karlinger, G., Kobayashi, T., and Y.
Wang, "Using the Elliptic Curve Signature Algorithm
(ECDSA) for XML Digital Signatures", RFC 4050, April 2005.
[RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B.
Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites
for Transport Layer Security (TLS)", RFC 4492, May 2006.
[RFC4754] Fu, D. and J. Solinas, "IKE and IKEv2 Authentication Using
the Elliptic Curve Digital Signature Algorithm (ECDSA)",
RFC 4754, January 2007.
[RFC5753] Turner, S. and D. Brown, "Use of Elliptic Curve
Cryptography (ECC) Algorithms in Cryptographic Message
Syntax (CMS)", RFC 5753, January 2010.
[SA] Satoh, T. and K. Araki, "Fermat Quotients and the
Polynomial Time Discrete Log Algorithm for Anomalous
Elliptic Curves", Commentarii Mathematici Universitatis
Sancti Pauli 47, 1998.
[SEC1] Certicom Research, "Elliptic Curve Cryptography",
Standards for Efficient Cryptography (SEC) 1, September
2000.
[SEC2] Certicom Research, "Recommended Elliptic Curve Domain
Parameters", Standards for Efficient Cryptography (SEC) 2,
September 2000.
[Sem] Semaev, I., "Evaluation of Discrete Logarithms on Some
Elliptic Curves", Mathematics of Computation 67, 1998.
[Sma] Smart, N., "The Discrete Logarithm Problem on Elliptic
Curves of Trace One", Journal of Cryptology 12, 1999.
[20] IETF RFC 6637 Elliptic Curve Cryptography (ECC) in OpenPGP, 2012
関連文書(Related document)
2023年1月 記事数一覧
年末100記事を30点に仕上げる。
2023 書き初め
「はじめてのCAN/CANFD 」 ベクタージャパン <エンジニア夏休み企画>【読書感想文】
三方良し Udemy 車載LAN入門講座 CAN通信編
詳解 車載ネットワーク CAN, CAN FD, LIN, CXPI, Ethernetの仕組みと設計のために(1) 著者 <エンジニア夏休み企画 読書感想文>
詳解 車載ネットワーク CAN, CAN FD, LIN, CXPI, Ethernetの仕組みと設計のために(2)参考文献 <エンジニア夏休み企画>【読書感想文】
詳解 車載ネットワーク CAN、CAN FD、LIN、CXPI、Ethernetの仕組みと設計のために
AUTOSAR Abstract Platform User Group Weekly Report(1) 2022.1.8
AUTOSAR Abstract Platform User Group Weekly Report(2) 2022.1.15
202304 URL更新
Specification of Crypto Service Manager, No.CP, AUTOSAR 402, R22-11, CP, 20230421
<この記事は個人の過去の経験に基づく個人の感想です。現在所属する組織、業務とは関係がありません。>
文書履歴(document history)
ver. 0.01 初稿 20230121
ver. 0.02 ありがとう追記 20230625
最後までおよみいただきありがとうございました。
いいね 💚、フォローをお願いします。
Thank you very much for reading to the last sentence.
Please press the like icon 💚 and follow me for your happy life.