RSA Data Security, Inc. is pleased to announce PKCS: Public-Key Cryptography Standards, a suite of standards for public-key cryptography developed jointly with representatives of industry and universities. PKCS covers RSA encryption, Diffie-Hellman key agreement, password-based encryption, extended-certificate syntax, cryptographic enhancement syntax, and private-key information syntax. As public-key cryptography begins to see wide application and acceptance one thing is increasingly clear: If it is going to be as effective as the underlying technology allows it to be, there must be interoperable standards. Even though vendors may agree on the basic public-key techniques, compatibility between implementations is by no means guaranteed. Interoperability requires strict adherence to an agreed-upon standard format for transferred data. PKCS provides such a basis for interoperability. The standards presented here evolved from the following broad design goals: 1. To maintain compatibility with PEM (the Internet Privacy Enhanced Mail standard) wherever possible, at least to the extent of being able to share certificates and to translate encrypted and/or signed messages back and forth between PEM and PKCS. 2. To extend beyond PEM in being able to handle arbitrary binary data (not just ASCII data), to handle a richer set of attributes in (extended) certificates, to handle Diffie-Hellman key agreement, and to handle a richer set of features in digitally signed and enveloped data. 3. To propose a standard suitable for incorporation in future OSI (Open Systems Interconnection) standards. The standards here are based on the use of OSI standard ASN.1 (Abstract Syntax Notation One) and BER (Basic Encoding Rules) to describe and represent data. PKCS describes the syntax for messages in an abstract manner, and gives complete details about algorithms. However, it does not specify how messages are to be represented, though BER is the logical choice. Thus PKCS implementations are free to exchange messages in any manner, depending on character set, record size constraints, and the like, as long as the abstract meaning of the messages can be preserved from sender to recipient. The PKCS standards are offered by RSA Data Security to developers of computer systems employing public-key technology. It is RSA Data Security's intention to improve and refine the standards in conjunction with computer system developers, with the goal of producing standards that most if not all developers adopt. The role of RSA Data Security in the standards-making process is five-fold: 1. Publish carefully written documents describing the standards. 2. Retain sole decision-making authority on what each standard is. This includes arbitrary object identifier choices, etc. 3. Solicit opinions and advice from developers on useful or necessary changes and extensions. 4. Publish revised standards when appropriate. 5. Provide implementation guides and/or reference implementations. The PKCS suite includes the following documents, each of which is available by anonymous ftp from : RSA Data Security, Inc. PKCS #1: RSA Encryption Standard. Version 1.4, June 1991. (pub/pkcs/pkcs-1.ps) RSA Data Security, Inc. PKCS #3: Diffie-Hellman Key-Agreement Standard. Version 1.3, June 1991. (pub/pkcs/pkcs-3.ps) RSA Data Security, Inc. PKCS #5: Password-Based Encryption Standard. Version 1.4, June 1991. (pub/pkcs/pkcs-5.ps) RSA Data Security, Inc. PKCS #6: Extended-Certificate Syntax Standard. Version 1.4, June 1991. (pub/pkcs/pkcs-6.ps) RSA Data Security, Inc. PKCS #7: Cryptographic Message Syntax Standard. Version 1.4, June 1991. (pub/pkcs/pkcs-7.ps) RSA Data Security, Inc. PKCS #8: Private-Key Information Syntax Standard. Version 1.1, June 1991. (pub/pkcs/pkcs-8.ps) RSA Data Security, Inc. PKCS #9: Selected Attribute Types. Version 1.0, June 1991. (pub/pkcs/pkcs-9.ps) (PKCS #2 and #4 have been superseded by other members of the suite.) Also available are an overview, examples, and a layman's guide to ASN.1, BER and DER: Burton S. Kaliski Jr. An Overview of the PKCS Standards. RSA Data Security, Inc., June 1991. (pub/pkcs/overview.ps) Burton S. Kaliski Jr. Some Examples of the PKCS Standards. RSA Data Security, Inc., June 1991. (pub/pkcs/examples.ps) Burton S. Kaliski Jr. A Layman's Guide to a Subset of ASN.1, BER and DER. RSA Data Security, Inc., June 1991. (pub/pkcs/layman.ps) Paper copies can be obtained at a nominal charge from PKCS Editor, RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA, 94065. Phone: (415) 595-8782.