Search

35 result(s) for PublicKey

• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.36 Public Key
  Public Key publicly-disclosed component of a pair of cryptographic keys used for Asymmetric Cryptography Note 1 to entry: See IS Glossary . Note 2 to entry:  Public Key and Private
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.6 Asymmetric Cryptography
  that is designated the Private Key and kept secret, the other called the Public Key that is generally made available Note 1 to entry: '"Asymmetric Cryptography ... entity "B", then entity "A" encrypts the data with a Public Key provided by entity "B". Only entity "B" has the matching
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.7 Asymmetric Encryption
  Asymmetric Encryption mechanism used by Asymmetric Cryptography for encrypting data with the Public Key of an entity and for decrypting data with the associated Private Key
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.8 Asymmetric Signature
  Key of an entity and for verifying the data's signature with the associated Public Key
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.16 Certificate Authority
  Note 1 to entry: The Certificate certifies the ownership of a Public Key by the named subject of the Certificate . This allows others (relying parties) to rely upon signatures ... assertions made by the Private Key that corresponds to the Public Key that is certified. In this model of trust relationships, a CA is trusted by both the subject (owner
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.35 Private Key
  pair of cryptographic keys used for Asymmetric Cryptography Note 1 to entry:  Public Key and Private Key are always generated as a pair. If either is updated the other
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  3.1.37 Public Key Infrastructure
  Public Key Infrastructure set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke Certificates based on Asymmetric Cryptography Note 1 to entry: The core ... functions are to register users and issue their public-key Certificates , to revoke Certificates when required, and to archive data needed to validate Certificates . Key pairs for data Confidentiality could
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  4.13 OPC UA security related Services
  Shamir-Adleman (RSA) the following procedure is used: The OPC UA Client sends its Public Key in a Certificate and secret information with the OpenSecureChannel service Message to the Server ... This Message is secured by applying Asymmetric Encryption with the Server's Public Key and by generating Asymmetric Signatures with the Client 's Private Key. However, the Certificate is sent
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  5.1.10 Rogue Server or Publisher
  because this will never be distributed) to decrypt Message s secured with the correct Public Key the rogue Server would never be able to read and misuse secured data sent
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  9.1 Overview
  being supported. Asymmetric Cryptography makes use of two keys - a Private Key and a Public Key . An OPC UA Application will have a list of trusted Public Keys that represent ... secured using a secure element (e.g. TPM). The OPC UA Application can use a Public Key , from its list, to validate that the signature on a received connection request
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  9.2 Self signed certificate management
  Certificates . Figure 11 - Manual Certificate handling An administrator would be required to copy the Public Key associated with all Client applications to all Server applications that they desire communication with ... addition, the administrator would be required to copy the Public Key associated with all Server applications to all Client applications that communicate with them. As the number of Servers
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  9.3 CA Signed Certificate management
  that are installed in a system, but the administrator will only install the CA Public Key on all machines. When a Certificate is replaced, the administrator will only replace ... Certificate, there will be no need to copy the new Public Key to any locations. The company specific CA allows the company to control the issuing of Certificates
• OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model
  9.4.2 Certificate management for developers
  able to handle Certificate Revocation Lists (CRL). These are lists of Public Keys that are associated with a given CA that have been revoked. This allows a CA to remove ... which it uses to identify itself when connecting to other OPC UA Applications (the Public Key and Private Key ). Each ApplicationInstance has a globally unique URI which identifies
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.15 EphemeralKeyType
  Table 136 . Table 136 - EphemeralKeyType Name Type Description EphemeralKeyType Structure Specifies an ECC ephemeral Public Key and a signature created by the application that owns the associated Private Key . publicKey ... ByteString The Public Key associated with an EphemeralKey created by the sender. It is encoded according to the rules for the ECC SecurityPolicies (see OPC 10000-7 ). The size
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.40.2.4 RsaEncryptedSecret DataType
  length, in bytes, of the encrypted KeyData . KeyData The KeyData is encrypted with the PublicKey associated with the receiver of the EncryptedSecret . The creator of the EncryptedSecret generates the SigningKey
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.40.2.5 EccEncryptedSecret DataType
  Diffie-Hellman (RSA-DH) Finite Field Group EphemeralKeys to create the symmetric key used to encrypt the Secret. The handshake required to create and use the EphemeralKeys is described ... KeyData without encryption. KeyData The KeyData is not encrypted. SenderPublicKey ByteString The Public Key for the EphemeralKey created by the sender. ReceiverPublicKey ByteString The Public Key for the EphemeralKey created
• OPC-10000-4 – OPC Unified Architecture - Part 4: Services
  7.41 UserTokenPolicy
  explicitly specify a SecurityPolicy . If a SecurityPolicy is specified, it shall use the same PublicKey algorithm as the SecureChannel . An EndpointDescription shall have no more than one USERNAME UserTokenPolicy ... infrastructure that issue the Certificates to users. If the system supports multiple PublicKey algorithms for user Certificates then the Server returns multiple CERTIFICATE UserTokenPolicies in the EndpointDescriptions
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.2.1 General
  General Certificates are digitally signed data structures that contain a Public Key and the identity of a OPC UA Application . All SecurityProtocols use X.509 v3 Certificates (see X.509 v3 ) encoded
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.7.2.3 Security Header
  encoded form of the Certificate . When using RSA PublicKeys, it indicates which Public Key was used to encrypt the MessageChunk . When using ECC or RSA-DH Public Keys it indicates ... least 8192 bytes. The AsymmetricSignatureSize depends on the number of bits in the public key for the SenderCertificate . The Int32FieldLength is the length of an encoded Int32 value
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.8.1 Secure Channel Handshake
  Client generates a new key pair (J C , K C ) and passes the Public Key (J C ) in the request. After verifying the signature on the request, the Server generates ... key pair (J S , K S ) and returns the Public Key (J S ) in the response. The new key pairs are used each time a SecureChannel is negotiated and they
• OPC-10000-6 – OPC Unified Architecture - Part 6: Mappings
  6.9 Diffie-Hellman Key Agreement (RSA)
  keys used for the SecureChannel a finite field group is determined by the PublicKey lengths allowed by the SecurityPolicy . The finite field groups are defined in IETF ... field groups is shown in Table 72 . Table 72 - Finite Field Group Selection RSA PublicKey Length (bits) Finite Group Nonce Length (bytes) DH PrivateKey (bits) 2048-4096 ffdhe3072
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.10 EccApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC Public Key . Applications which support the ECC profiles (see OPC 10000-7 ) shall have a Certificate
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.11 EccNistP256ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC nistP256 Public Key . Applications which support the ECC NIST P256 curve profiles (see OPC 10000-7 ) shall
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.12 EccNistP384ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC nistP384 Public Key . Applications which support the ECC NIST P384 curve profiles (see OPC 10000-7 ) shall
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.13 EccBrainpoolP256r1ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC brainpoolP256r1 Public Key . Applications which support the ECC brainpoolP256r1 curve profiles (see OPC 10000-7 ) shall have
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.14 EccBrainpoolP384r1ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC brainpoolP384r1 Public Key . Applications which support the ECC brainpoolP384r1 curve profiles (see OPC 10000-7 ) shall have
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.15 EccCurve25519ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC curve25519 Public Key . Applications which support the ECC curve25519 curve profiles (see OPC 10000-7 ) shall have
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.8.4.16 EccCurve448ApplicationCertificateType
  describe Certificates intended for use as an ApplicationInstanceCertificate . They shall have an ECC curve448 Public Key . Applications which support the ECC curve448 curve profiles (see OPC 10000-7 ) shall have
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.10.5 UpdateCertificate
  application. The Server shall report an error if the PublicKey does not match the existing Certificate and the PrivateKey was not provided. If a transaction is in progress
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  7.10.6 CreateSelfSignedCertificate
  shall begin 1 day prior to calling this Method . keySizeInBits The size of the PublicKey and PrivateKey in bits. The CertificateTypeId limits the values that may be set. A value
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.5.5 StartRequest
  used to request a new KeyCredential . The KeyCredential secret may be encrypted with the public key of the Certificate supplied in the request. The SecurityPolicyUri specifies the security profile used ... used to create the Secure Channel then a Certificate should be provided. PublicKey A Public Key used to encrypt the returned KeyCredential secret. For RSA SecurityPolicies this
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.6.5 KeyCredentialConfigurationType
  complete list of standard StatusCodes . The GetEncryptingKey Method is used request a Public Key that can be used to encrypt the KeyCredentials . The UpdateKeyCredential Method is used to change
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  8.6.6 GetEncryptingKey
  SecurityAdmin Role (see 8.2 ) . Signature GetEncryptingKey( [in] String CredentialId [in] String RequestedSecurityPolicyUri [out] ByteString PublicKey [out] String RevisedSecurityPolicyUri ); Argument Description CredentialId The unique identifier associated with the KeyCredential . RequestedSecurityPolicyUri ... used to encrypt the secret. If not specified the Server chooses a suitable default. PublicKey The Public Key used to encrypt the secret. The format depends on the SecurityPolicyUri . RevisedSecurityPolicyUri
• OPC-10000-12 – OPC Unified Architecture - Part 12: Discovery and Global Services
  9.6.6 StartRequestToken
  Used Not Used UserName or IssuedToken SecurityPolicy: RSA Not Used A Certificate containing the PublicKey used to build the RsaEncryptedSecret defined in OPC 10000-4 . UserName or IssuedToken SecurityPolicy
• OPC-10000-21 – OPC Unified Architecture - Part 21: Device Onboarding
  7.4.2.1 Overview
  each intermediary in the supply chain. However, the FDO Device only knows the first PublicKey in the chain but this is sufficient to allow the FDO Device to verify