0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

Specification of Cryptography, No.883, AUTOSAR R21-11 (17) AP

Last updated at Posted at 2022-05-02

Specification of Cryptography, No.883, 2021-11

AUTOSAR R21-11(0) 仕様ダウンロード一覧。単語帳。参考文献資料作成

用語(terms)

短縮名(short name)

Abbreviation / Acronym Description
ACL Access Control List
AE Authenticated Encryption
AEAD Authenticated Encryption with Associated Data - Encryption scheme which simultaneously provides confidentiality and authenticity of data as well as additional authenticated but not encrypted data.
AES Advanced Encryption Standard - A block cipher for the symmetric encryption of electronic data.
API Abstract Programming Interface
ARA Autosar Runtime Environment for Adaptive Applications
ASN.1 Abstract Syntax Notation One, as defined in the ASN.1 standards
BER Basic Encoding Rules
BLOB Binary Large Object - A Binary Large OBject (BLOB) is a collection of binary data stored as a single entity.
CA Certificate Authority or Certification Authority is an entity that issues digital certificates.
CBC Cipher Block Chaining Mode - A mode of operation for symmetric ciphers (e.g. AES) that supports encryption.
CBC-MAC Cipher Block Chaining Message Authentication Mode - A mode of operation for symmetric ciphers (e.g. AES) that supports authentication.
CCM Counter Mode with CBC-MAC - An AEAD operation mode (encryption and authentication) for AES.
CMAC Cipher-based Message Authentication Code - A mode of operation for symmetric ciphers (e.g. AES) that supports authentication and is similar but advanced to CBC-MAC.
CMP X.509 Certificate Management Provider.
CO Cryptographic Object
COUID Cryptographic Object Unique Identifier
CRL Certificate Revocation Lists is a list of digital certificates that have been revoked before their expiration date was reached. This list contains all the serial numbers of the revoked certificates and the revoked data.
CSR Certificate Signing Request
CTL Certificate Trust List is a list of digital certificates that are explicitly trusted in this environment. This list contains all the serial numbers of the explicitly trusted certificates.
DER Distinguished Encoding Rules as defined in [2]
DH Diffie-Hellman (key exchange method)
ECC Elliptic Curve Cryptography - Public-key cryptography based on the structure of elliptic curves.
ECDH Elliptic Curve Diffie-Hellman - An ECC based DH key exchange with perfect forward secrecy.
ECDSA Elliptic Curve Digital Signature Algorithm - An ECC based signature scheme.
ECIES Elliptic Curve Integrated Encryption Scheme - An ECC based encryption scheme.
ECU Electronic Control Unit
FC Crypto Functional cluster Cryptography. This is the AUTOSAR cluster, which provides all important functionality related to cryptograhic, key management, and certificate handling needs.
gamma linear recurrent sequence
GCM Galois Counter Mode - An AEAD operation mode (encryption and authentication) for AES.
GMAC Galois MAC - A mode of operation for symmetric ciphers (e.g. AES) that supports authentication.
HSM Hardware Security Module - Hardware security module, used to store cryptographic credentials and secure run-time environment
HMAC Hashed Message Authentication Code
IETF Internet Engineering Task Force
IKE Internet Key Exchange
IPC Inter-Process Communication
IPsec Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network.
IV Initialization Vector
KDF Key Derivation Function - A function to derive one or more keys from a secret value.
KEK Key encryption key - A key that is used to encrypt another key for transportation or storage in an unsecure environment
KSP Key Storage Provider
MAC Message Authentication Code - A cryptographic function similar to a hash function. It takes a message of variable length and a secret key as input to generate a hash value, the MAC value. The MAC value is attached to the message to be sent. The receiver of the message can recalculate the MAC value to check if the message is authentic.
MGF Mask Generation Function - A cryptographic function similar to a hash function. It takes a variable length input and an output length l to generate an output of length l. If the input is unknown, the output appears random.
OCSP Online Certificate Status Protocol - Internet protocol used to obtain revocation status of X.509 certificates.
PEM Privacy-Enhanced Mail
PKI Public Key Infrastructure - A system that issues, distributes, and checks digital certificates.
PKCS Public Key Cryptography Standard.
RA Registration Authority
RNG Random Number Generator
RSA Rivest, Shamir, Adleman - RSA is an algorithm for public-key cryptography; It is named after its inventors Ronald L. Rivest, Adi Shamir and Leonard Adleman.
SecOC Secure Onboard Communication
SHA-1 Secure Hash Algorithm (version 1) - Hash functions family.
SHA-2 Secure Hash Algorithm (version 2) - Hash functions family with different hash value length.
SHA-3 Secure Hash Algorithm (version 3) - New hash function generation, faster and more secure as SHA-2.
SHE Secure Hardware Extension
TLS Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network.
TPM The Trusted Platform Module is defined in [3] and is a secure cryptoprocessor.
UCM Update and Configuration Management
UID Unique Identifier
X.509 Standard for certificates
Terms Description
Adaptive Application An adaptive application is a part of application SW in the architecture of Adaptive AUTOSAR. An adaptive application runs on top of ARA and accesses AUTOSAR functional clusters through ARA.
Adaptive Platform Services Adaptive Platform Services are located below the ARA. They provide platform standard services of Adaptive AUTOSAR.
Asymmetric Key An asymmetric key describes a pair of two keys (public and private key). A cipher text created by one key cannot be decrypted with this key. Encryption is only possible with the other key of this pair.
Block Cipher A symmetric encryption that encrypts plaintext blocks of fixed length.
certificate serial number An integer value, unique within the issuing authority, which is unambiguously associated with a certificate issued by that authority.
certification path An ordered list of one or more public-key certificates, starting with a public-key certificate signed by the trust anchor, and ending with the public key certificate to be validated. All intermediate public-key certificates, if any, are CA-certificates in which the subject of the preceding certificate is the issuer of the following certificate.
Ciphertext A ciphertext is an encrypted text, which is the result of encryption performed on plaintext.
CryptoAPI The set of all interfaces that are provided by FC Crypto to consumers.
Crypto Provider A structural element that organizes cryptographic primitives.
Cryptographic primitives Well-established, low-level cryptographic algorithms that are frequently used to build cryptographic protocols for computer security systems.
Distinguished name is originally defined in X.501 [4] as a representation of a directory name, defined as a construct that identifies a particular object from among a set of all objects.
Functional Cluster The SW functionality of ARA is divided into functional clusters. Functional clusters provide APIs and can communicate with each other.
Instance Specifier Crypto provider can have more than one instance. To distinguish between instances the spcific instance is addressed with an instance specifier. An instance specifier identifies one instance of a crypto provider.
Key Material public keys, private keys, seeds.
Key Slot Secure storage of key material. Key slots define the access to the stored key material and grant the access only to authorized application or functional cluster.
Key Storage Provider A structural element that organizes and manages cryptographic keys.
Nonce A nonce is a random or semi-random number that is generated for cryptographic topics. A nonce can be used as an input to a hash algorithm so that the hash algorithm computes a hash value out of two inputs
Plaintext A plaintext is ordinary readable text before being encrypted into ciphertext or after being decrypted.
Policy Decision Point A PDP defines which item (process, application, function) can decide if a requested access to resources may be granted or not.
Random Number Generator A program that generates random numbers or pseudo random numbers in a given range.
Salt A salt is a random or semi-random number which is created for passwords. When a password is edited for a user/account also a salt is created for this user/account. A hash algorithm creates a hash value of password and salt. Salts increase the security against brute force password guessing attacks.
SecretSeed A secret value that is used as an initial value to start encryption/decryption.
Stream Ciphe r A symmetric encryption that calculates cipher text out of streaming plaintext and the status result of the encryption of previous streamed plaintext. For the first part of encryption a start value is needed as status result.
Symmetric Key In a symmetric encryption the same key (symmetric key) is used to encrypt plaintext into cipher text and to decode cipher text into plain text. A symmetric key is also called secret key because it must be kept secret.
X.509 Provider Domain SW for X.509 certificates parsing, verification, storage and search.

英日

日本語は仮訳

no. count word 日本語
1 4261 the その
2 3146 crypto 暗号
3 2479 ara AUTOSAR Runtime for Adaptive Applications(短縮名)
4 2415 of
5 1890 sws_crypt_ sws_crypt_
6 1152 a 一つの
7 1042 rs_crypto_ rs_crypto_
8 1027 cryp 暗号
9 1025 to
10 1018 key
11 980 if もしも
12 920 id identifier, 識別子(短縮名)
13 914 draft 下書き
14 908 is
15 869 c c
16 825 no いいえ
17 818 d d
18 814 in
19 783 except それ外
20 777 x x
21 721 safety 安全性
22 716 value 価値
23 688 class
24 674 and
25 668 core
26 666 description 説明
27 657 thread より糸
28 655 kind 親切
29 652 scope 範囲
30 648 syntax 構文
31 648 this これ
32 642 include 含む
33 638 file 紙ばさみ
34 636 h h
35 636 header 見出し
36 635 symbol
37 630 return 戻る
38 620 error 誤り
39 584 const constant(短縮名)
40 576 be なれ
41 550 for にとって
42 536 function 働き
43 512 interface 界面
44 510 by
45 491 provider 提供者
46 479 or また
47 466 context 文脈
48 462 domain 領域
49 461 result 結果
50 454 shall しなければならない
51 451 provided 提供した
52 436 not ない
53 413 an
54 408 autosar AUTomotive Open System Architecture(短縮名)
55 407 object 物体
56 402 specification 仕様
57 400 exception 例外
58 398 alg algorithm(短縮名)
59 397 cryptography 暗号化
60 389 certificate 証明書
61 366 document 資料
62 365 r r
63 357 size 大きさ
64 355 ap adaptive platform(短縮名)
65 354 autosar_sws_cryptography autosar_sws_cryptography
66 344 virtual 仮想
67 334 type
68 331 only それだけ
69 325 safe 安全な
70 311 algorithm 算法
71 307 std standard(短縮名)
72 280 parameters 引数
73 277 from から
74 276 data 与件
75 256 that それ
76 254 with
77 236 signature 署名
78 232 used 使った
79 219 usage 利用方法
80 218 can できる
81 210 name 名前
82 209 has 持つ
83 206 uptr unique pointer(短縮名)
84 204 region 領域
85 203 errors 誤り
86 197 method 方法
87 197 read 読む
88 196 bool 論理値
89 190 instance 実例
90 189 allowed 許可された
91 187 TRUE
92 186 seed
93 185 void 空所
94 184 io input output(短縮名)
95 178 keys
96 178 mem memory(短縮名)
97 168 container 容器
98 167 as なので
99 165 are です
100 161 other 他の

参照(reference)

3.1 Input documents & related standards and norms
[1] Glossary, AUTOSAR_TR_Glossary
https://www.autosar.org/fileadmin/standards/foundation/21-11/AUTOSAR_TR_Glossary.pdf
[2] X.690 : Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) https://www.itu.int/rec/T-REC-X.690
[3] ISO/IEC 11889-1:2015 Information technology - Trusted platform module library - Part 1: Architecture http://www.iso.org
[4] X.501 : Information technology - Open Systems Interconnection - The Directory: Models https://www.itu.int/rec/T-REC-X.501
[5] Specification of Adaptive Platform Core, AUTOSAR_SWS_AdaptivePlatformCore
[6] Requirements on Security Management for Adaptive Platform, AUTOSAR_RS_SecurityManagement
[7] BSI: Functionality Classes and Evaluation Methodology for Deterministic Random Number Generators (AIS), https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_20_Functionality_Classes_Evaluation_Methodology_DRNG_e.pdf?__blob=publicationFile[5]
[8] Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
[9] Public Key Cryptography for the Financial Services Industry Key Agreement and Key Stransport Using Elliptic Curve Cryptography https://webstore.ansi.org/preview-pages/ASCX9/preview_ANSI+X9.63-2011+(R2017).pdf
[10] Recommendation for Key Derivation Using Pseudorandom Functions (Revised) https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-108.pdf
[11] Elliptic Curve Cryptography, https://www.secg.org/sec1-v2.pdf
[12] ISO IEC 9797-3:2011 Amd 1:2020(en) Information technology - Security techniques - Message Authentication Codes (MAC), http://www.iso.org
[13] HMAC: Keyed-Hashing for Message Authentication https://tools.ietf.org/html/rfc2104
[14] Updated Security Considerations the MD5 Message-Digest and the HMAC-MD5 Algorithms, https://tools.ietf.org/html/rfc6151
[15] Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet, Key Exchange version 02 (IKEv2) Protocol https://rfc-editor.org/rfc/rfc5930.txt
[16] ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) https://rfc-editor.org/rfc/rfc7905.txt
[17] TRIVIUM Specifications http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.59.9030
[18] PKCS #5: Password-Based Cryptography Specification Version 2.0 https://rfc-editor.org/rfc/rfc2898.txt
[19] PKCS #5: Password-Based Cryptography Specification Version 2.1 https://rfc-editor.org/rfc/rfc8018.txt
[20] PKCS #7: Cryptographic Message Syntax Version 1.5 https://rfc-editor.org/rfc/rfc2315.txt
[21] Financial institution encryption of wholesale financial messages: X9.23
[22] Advanced Encryption Standard (AES) Key Wrap Algorithm https://tools.ietf.org/html/rfc3394
[23] Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm https://tools.ietf.org/html/rfc5649
[24] ISO/IEC 9796-2:2010 Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms, http://www.iso.org
[25] Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), https://rfc-editor.org/rfc/rfc3278.txt
[26] Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) https://rfc-editor.org/rfc/rfc5753.txt
[27] IEEE P1363: A Standard for RSA, Diffie-Hellman, and Elliptic-Curve Cryptography (Abstract)
[28] New directions in cryptography https://ieeexplore.ieee.org/document/1055638
[29] Guide for Internet Standards Writers https://tools.ietf.org/html/rfc2360
[30] X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP https://rfc-editor.org/rfc/rfc6960.txt
[31] X.509 https://www.itu.int/rec/T-REC-X.509/en
[32] Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List
(CRL) Profile https://rfc-editor.org/rfc/rfc5280.txt
[33] PKCS #10: Certification Request Syntax Specification Version 1.7 https://tools.ietf.org/html/rfc2986
[34] The application/pkcs10 Media Type https://tools.ietf.org/html/rfc5967
[35] Internet X.509 Certificate Request Message Format https://tools.ietf.org/html/rfc2511
[36] Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) https://tools.ietf.org/html/rfc4211
[37] S/MIME Version 2 Message Specification https://tools.ietf.org/html/rfc2311
[38] Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.2 https://rfc-editor.org/rfc/rfc5208.txt
[39] PKCS #12: Personal Information Exchange Syntax v1.1 https://tools.ietf.org/html/rfc7292
[40] X.680 : Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation https://www.itu.int/rec/T-REC-X.680
[41] X.682 : Information technology - Abstract Syntax Notation One (ASN.1): Constraint specification https://www.itu.int/rec/T-REC-X.682
[42] X.683 : Information technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications https://www.itu.int/rec/T-REC-X.683
[43] Keying and Authentication for Routing Protocols (KARP) Design Guidelines https://tools.ietf.org/html/rfc6518
[44] Internationalized Email Addresses in X.509 Certificates https://tools.ietf.org/html/rfc8398
[45] Internationalization Updates to RFC 5280 https://tools.ietf.org/html/rfc8399
[46] Transport Layer Security (TLS) Extensions: Extension Definitions https://tools.ietf.org/html/rfc6066
[47] The Transport Layer Security (TLS) Multiple Certificate Status Request Extension https://tools.ietf.org/html/rfc6961
[48] The Transport Layer Security (TLS) Protocol Version 1.3 https://tools.ietf.org/html/rfc8446

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?