is an Institute of Electrical and Electronics Engineers
(IEEE) standardization project for public-key cryptography
. It includes specifications for:
- Traditional public-key cryptography (IEEE Std 1363-2000 and 1363a-2004)
- Lattice-based public-key cryptography (P1363.1)
- Password-based public-key cryptography (P1363.2)
- Identity-based public-key cryptography using pairings (P1363.3)
These are described in more detail below.
The chair of the working group as of October 2008 is William Whyte of NTRU Cryptosystems, Inc., who has served since August 2001. Former chairs were Ari Singer, also of NTRU (1999-2001), and Burt Kaliski of RSA Security (1994-1999).
Traditional public-key cryptography (IEEE Std 1363-2000 and 1363a-2004)
This specification includes key agreement, signature, and encryption
schemes using several mathematical approaches: integer factorization,
discrete logarithm, and elliptic curve discrete logarithm.
Key agreement schemes
- DL/ECSSA (Discrete Logarithm/Elliptic Curve Signature Scheme with Appendix): Includes four main variants: DSA, ECDSA, Nyberg-Rueppel, and Elliptic Curve Nyberg-Rueppel.
- IFSSA (Integer Factorization Signature Scheme with Appendix): Includes two variants of RSA, Rabin-Williams, and ESIGN, with several message encoding methods. "RSA1 with EMSA3" is essentially PKCS#1 v1.5 RSA signature; "RSA1 with EMSA4 encoding" is essentially RSA-PSS; "RSA1 with EMSA2 encoding" is essentially ANSI X9.31 RSA signature.
- DL/ECSSR (Discrete Logarithm/Elliptic Curve Signature Scheme with Recovery)
- DL/ECSSR-PV (Discrete Logarithm/Elliptic Curve Signature Scheme with Recovery, Pintsov-Vanstone version)
- IFSSR (Integer Factorization Signature Scheme with Recovery)
- IFES (Integer Factorization Encryption Scheme): Essentially RSA encryption with Optimal Asymmetric Encryption Padding (OAEP).
- DL/ECIES (Discrete Logarithm/Elliptic Curve Integrated Encryption Scheme): Essentially the "DHAES" variant of ElGamal encryption.
- IFES-EPOC (Integer Factorization Encryption Scheme, EPOC version)
Lattice-based public key cryptography (P1363.1)
Password-based public-key cryptography (P1363.2)
This document includes a number
of password-authenticated key agreement schemes,
and a password-authenticated key retrieval scheme.
- BPKAS-PAK (Balanced Password-Authenticated Key Agreement Scheme, version PAK)
- BPKAS-PPK (version PPK)
- BPKAS-SPEKE (version SPEKE)
- APKAS-AMP (Augmented Password-Authenticated Key Agreement Scheme, version AMP)
- APKAS-BSPEKE2 (version BSPEKE2)
- APKAS-PAKZ (version PAKZ)
- APKAS-SRP3 and SRP6 (version Secure Remote Password (SRP) 3 and 6)
- APKAS-SRP5 (version Secure Remote Password (SRP) 5)
- APKAS-WSPEKE (version WSPEKE)
- PKRS-1 (Password Authenticated Key Retrieval Scheme, version 1)
Identity-based public key cryptography based on pairings (P1363.3)
This project was approved September 2005; no specification drafts are available yet (as of August 2007).