In cryptography, Public-Key Cryptography Standards (PKCS) is a group of public-key cryptography standards devised and published by RSA Security Inc., starting in the early 1990s.

The company published the standards to promote the use of the cryptography techniques on which it held patents, such as the RSA algorithm, the Schnorr Signature Algorithm and several others. Though not industry standards (because the company retained control over them), some of the standards have in recent years begun to move into the "standards-track" processes of relevant standards organizations such as the IETF and the PKIX working group.

The Standards

  • PKCS #1
  • PKCS #2 - No longer active as of 2010. Covered RSA encryption of message digests; subsequently merged into PKCS #1.
  • PKCS #3
  • PKCS #4 - No longer active as of 2010. Covered RSA key syntax; subsequently merged into PKCS #1.
  • PKCS #5 - Password-based Encryption Standard, which is described in RFC 2898 and PBKDF2.
  • PKCS #6 - Extended-Certificate Syntax Standard which defined extensions to the old v1 X.509 certificate specification. Obsoleted by v3 of the same.
  • PKCS #7 - Cryptographic Message Syntax Standard is defined in RFC 2315. Used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination (for instance as a response to a PKCS#10 message). Formed the basis for S/MIME, which is as of 2010 based on RFC 5652, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on.
  • PKCS #8 - Private-Key Information Syntax Standard described in RFC 5958. Used to carry private certificate keypairs (encrypted or unencrypted).
  • PKCS #9 - Selected Attribute Types, described in RFC 2985, which defines selected attribute types for use in PKCS #6 extended certificates, PKCS #7 digitally signed messages, PKCS #8 private-key information, and PKCS #10 certificate-signing requests.
  • PKCS #10 - Certificate Signing Requests
  • PKCS #11 - Cryptographic Token Interface, also known as "Cryptoki". An API defining a generic interface to cryptographic tokens (typically Hardware Security Modules). Often used in single sign-on, public-key cryptography and disk encryption systems. RSA Security has turned over further development of the PKCS #11 standard to the OASIS PKCS 11 Technical Committee.
  • PKCS #12 -
  • PKCS #13 - Apparently abandoned; the only reference is a proposal from 1998.
  • PKCS #14 - Apparently abandoned; no documents exist.
  • PKCS #15 - Cryptographic Token Information Format Standard which defines a standard allowing users of cryptographic tokens to identify themselves to applications, independent of the application's Cryptoki implementation (PKCS #11) or other API. RSA has relinquished IC-card-related parts of this standard to ISO/IEC 7816-15.

