Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
PKCS
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Group of public-key cryptography standards}} {{hatnote|For technical reasons, titles such as "PKCS #1" redirect here. For links to individual articles, see the table below.}} {{About|public-key cryptography standards|the human gene involved in cholesterol metabolism|PCSK9}} {{Use mdy dates|date=March 2024}} {{Use American English|date=March 2024}} {{Update|date=March 2024}} '''Public Key Cryptography Standards''' ('''PKCS''') are a group of [[public-key cryptography]] standards devised and published by [[RSA Security]] LLC, starting in the early 1990s. The company published the standards to promote the use of the cryptography techniques for which they had [[patent]]s, such as the [[RSA algorithm]], the [[Schnorr signature]] algorithm and several others. Though not [[List of computer standards|industry standards]] (because the company retained control over them), some of the standards have begun to move into the "[[standards track]]" processes of relevant [[standards organization]]s in recent years{{when|date=January 2014}}, such as the [[IETF]] and the [[PKIX]] working group. '''Key Updates (2023–2024):''' * Integration of [[PKCS 7|PKCS #7]] and [[PKCS 12|PKCS #12]] into broader standards like S/MIME and TLS. * Evolution of [[PKCS 11|PKCS #11]] to support newer hardware and cloud services. * Involvement of PKCS standards in post-quantum cryptography efforts, with NIST's ongoing standardization. * Growing adoption of PKCS standards in the context of blockchain and digital assets. {| class="wikitable" |+ '''PKCS Standards Summary''' ! !! Version !! Name !! Comments |- ! [[PKCS 1|PKCS #1]] |align="center" | 2.2 || RSA Cryptography Standard<ref> {{cite web | title = PKCS #1: RSA Cryptography Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-rsa-cryptography-standard.htm | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|8017}}. Defines the mathematical properties and format of RSA public and private keys ([[ASN.1]]-encoded in clear-text), and the basic algorithms and encoding/[[padding (cryptography)|padding]] schemes for performing RSA encryption, decryption, and producing and verifying signatures. |- style="background-color: #ececec" ! PKCS #2 |align="center" | - || ''Withdrawn'' || No longer active {{as of | 2010 | lc = on}}. Covered RSA encryption of message digests; subsequently merged into PKCS #1. |- ! PKCS #3 |align="center" | 1.4 || [[Diffie–Hellman key exchange|Diffie–Hellman Key Agreement]] Standard<ref> {{cite web | title = PKCS #3: Diffie-Hellman Key Agreement Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-3-diffie-hellman-key-agreement-standar.htm | publisher = RSA Laboratories }} </ref> || A cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. |- style="background-color: #ececec" ! PKCS #4 |align="center" | - || ''Withdrawn'' || No longer active {{as of | 2010 | lc = on}}. Covered RSA key syntax; subsequently merged into PKCS #1. |- ! PKCS #5 |align="center" | 2.1 || Password-based Encryption Standard<ref> {{cite web | title = PKCS #5: Password-Based Cryptography Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-5-password-based-cryptography-standard.htm | url-status = dead | archive-url = https://web.archive.org/web/20150407110829/https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-5-password-based-cryptography-standard.htm | archive-date = 2015-04-07 | publisher = RSA Laboratories }} </ref><ref> {{cite web | title = PKCS #5 v2.0: Password-Based Cryptography Standard | url = https://www.foo.be/docs/opensst/ref/pkcs/pkcs-5v2/pkcs5v2-0.pdf | access-date = May 30, 2024 | date = March 25, 1999 | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|8018}} and [[PBKDF2]]. |- style="background-color: #ececec" ! PKCS #6 |align="center" | 1.5 || Extended-Certificate Syntax Standard<ref> {{cite web | title = PKCS #6: Extended-Certificate Syntax Standard | url = https://www.emc.com/emc-plus/rsa-labs/standars-initiatives/pkcs-6-extended-certificate-syntax-standard.htm | publisher = RSA Laboratories }} </ref> || Defines extensions to the old v1 [[X.509]] certificate specification. Obsoleted by v3 of the same. |- ! [[PKCS 7|PKCS #7]] |align="center" | 1.5 ||[[Cryptographic Message Syntax]] Standard<ref> {{cite web | title = PKCS #7: Cryptographic Message Syntax Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-7-cryptographic-message-syntax-standar.htm | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|2315}}. Used to sign and/or encrypt messages under a [[Public key infrastructure|PKI]]. Used also for certificate dissemination (for instance as a response to a PKCS #10 message). Formed the basis for [[S/MIME]], which is {{as of | 2010 | lc = on}} based on {{IETF RFC|5652}}, an updated [[Cryptographic Message Syntax|Cryptographic Message Syntax Standard]] (CMS). Often used for [[single sign-on]]. |- style="background-color: #ececec" ! [[PKCS 8|PKCS #8]] |align="center" | 1.2 || Private-Key Information Syntax Standard<ref> {{cite web | title = PKCS #8: Private-Key Information Syntax Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-8-private-key-information-syntax-stand.htm | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|5958}}. Used to carry private certificate keypairs (encrypted or unencrypted). |- ! PKCS #9 |align="center" | 2.0 || Selected Attribute Types<ref> {{cite web | title = PKCS #9: Selected Attribute Types | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-9-selected-attribute-types.htm | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|2985}}. Defines selected attribute types for use in PKCS #6 extended certificates, PKCS #7 digitally signed messages, PKCS #8 private-key information, and PKCS #10 certificate-signing requests. |- style="background-color: #ececec" ! [[PKCS 10|PKCS #10]] |align="center" | 1.7 || Certification Request Standard<ref> {{cite web | title = PKCS #10: Certification Request Syntax Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs10-certification-request-syntax-standard.htm | publisher = RSA Laboratories }} </ref> || See {{IETF RFC|2986}}. Format of messages sent to a [[certification authority]] to request certification of a public key. See [[certificate signing request]]. |- ! [[PKCS 11|PKCS #11]] |align="center" | 3.0 || Cryptographic Token Interface<ref> {{cite web | title = PKCS #11: Cryptographic Token Interface Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-11-cryptographic-token-interface-standard.htm | publisher = RSA Laboratories }} </ref> || Also known as "Cryptoki". An [[API]] defining a generic interface to [[cryptographic token]]s (see also [[hardware security module]]). Often used in [[single sign-on]], [[public-key cryptography]] and [[disk encryption]]<ref>[http://www.freeotfe.org/docs/Main/pkcs11_support.htm Security Token/Smartcard Support] in [[FreeOTFE]]</ref> systems. RSA Security has turned over further development of the PKCS #11 standard to the [http://www.oasis-open.org/committees/pkcs11/ OASIS PKCS 11 Technical Committee]. |- style="background-color: #ececec" ! [[PKCS 12|PKCS #12]] |align="center" | 1.1 || Personal Information Exchange Syntax Standard<ref>{{cite web|title=PKCS #12: Personal Information Exchange Syntax Standard |url=https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs12-personal-information-exchange-syntax-standard.htm |publisher=RSA Laboratories |url-status=dead |archiveurl=https://web.archive.org/web/20140401120450/http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs12-personal-information-exchange-syntax-standard.htm |archivedate=April 1, 2014 }} </ref> || See {{IETF RFC|7292}}. Defines a file format commonly used to store [[private key]]s with accompanying [[public key certificate]]s, protected with a password-based [[symmetric key]]. PFX is a predecessor to PKCS #12. This container format can contain multiple embedded objects, such as multiple certificates. Usually protected/encrypted with a password. Usable as a format for the [[Java KeyStore]] and to establish client authentication certificates in Mozilla Firefox. Usable by [[Apache Tomcat]]. |- ! PKCS #13 |align="center" | – || [[Elliptic-curve cryptography]] Standard || ''(Apparently abandoned, only reference is a proposal from 1998.)'' |- style="background-color: #ececec" ! PKCS #14 |align="center" | – || [[Pseudorandom number generator|Pseudo-random Number Generation]] || ''(Apparently abandoned, no documents exist.)'' |- ! PKCS #15 |align="center" | 1.1 || Cryptographic Token Information Format Standard<ref> {{cite web | title = PKCS #15: Cryptographic Token Information Format Standard | url = https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-15-cryptographic-token-information-format.htm | publisher = RSA Laboratories }} </ref> || Defines a standard allowing users of [[cryptographic token]]s to identify themselves to applications, independent of the application's Cryptoki implementation (PKCS #11) or other [[API]]. RSA has relinquished IC-card-related parts of this standard to [[ISO/IEC 7816]]-15.<ref> RSA Laboratories: "[https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-15-cryptographic-token-information-format.htm PKCS #15: Cryptographic Token Information Format Standard]". </ref> |}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)