ISO/IEC 18367 – Verifying IT Security

ISO/IEC 18367 has just been released.  The new standard is titled Information technology – Security techniques – Cryptographic algorithms and security mechanisms conformance testing.  You’ll use this standard to do a security analysis of your cryptographic module and it’s implementation.

Face it, IT security breaches are rocking governments and industry.  Seeing your company in the headlines and knowing that essential (and private) information has been compromised is not acceptable.  You’re depending on IT security protocols to protect your organization and it’s data.  But how do you verify that it will work?

Testing is the answer to this problem and ISO/IEC 18367 has been developed to show you how.  It contains conformance testing methods for both the cryptographic algorithms and the security mechanisms you’re implementing in a cryptographic module.  It is a companion standard for the ISO/IEC 19790 and the ISO/IEC 19790.  Conformance testing is the final step in implementing cryptographic security.

The ISO/IEC 18367 is a 76-page publication.  It can be used to assure correct security implementation in hardware, software or firmware.  It will help you confirm that your security algorithmn runs correctly in a specific operating environment.  It does this by using such testing methods as known-answer or Monte Carlo testing.  Or you may prefer to use a combination of tests.  And testing can be performed both in an actual implementation or in a simulation environment.

This means that the standard covers the types of algorithmns used for security and various testing methodologies.  Annex A gives you additional information on common mistakes made in these types of cryptographic algorithm implementation.  Annex B includes various examples of known-answer test vectors.  A 42-item bibliography completes the publication.

All ISO and IEC standards are available for purchase at the Document Center Inc. webstore, www.document-center.com.  You can get them in paper format or for pdf download.  They can also be included in our Standards Online enterprise cloud solution.  Here is a direct link to the order page for the ISO/IEC 18367 for your convenience.  If you’d like more information, please contact us by phone (650-591-7600) or email (info@document-center.com).

Here at Document Center Inc., we’ve been working with standards since 1982.  And we’ve been on the web since 1993.  We have a wide range of products and services to support your compliance efforts.  Make us your Standards Experts!

 

Published by

Claudia Bach

Claudia Bach is the President of Document Center Inc. and a world-wide recognized expert on Standards and Standards Distribution. You can connect with her on Google+

Leave a Reply

Your email address will not be published. Required fields are marked *