Standards
Published Standards
- [牵头/1st author]GM/T 0105-2021 “Design guide for software-based random number generators” 《软件随机数发生器设计指南》
- GB/T 37092-2018 “Information security technology—Security requirements for cryptographic modules” 《信息安全技术 密码模块安全要求》
- GB/T 39786-2021 “Information security technology—Baseline for information system cryptography application” 《信息安全技术 信息系统密码应用基本要求》
- GB/T 40018-2021 “Information security technology—Certificate request and application protocol based on multiple channels” 《信息安全技术 基于多信道的证书申请和应用协议》
- GM/T 0115-2021 “Testing and evaluation requirements for information system cryptography application” 《信息系统密码应用测评要求》
- GM/T 0116-2021 “Testing and evaluation process guide for information system cryptography application” 《信息系统密码应用测评过程指南》
- GM/T 0005-2021 “Randomness testing specifications”《随机性检测规范》
- GM/T 0103-2021 “General Framework of random number generators”《随机数发生器总体框架》
- GM/T 0084-2020 “Guideline for the mitigation of non-invasive attacks against cryptographic modules”《密码模块物理攻击缓解技术指南》
- GM/T 0083-2020 “Guideline for the mitigation of physical attacks against cryptographic modules”《密码模块非入侵式攻击缓解技术指南》
- GM/T 0078-2020 “The design guidelines for cryptographic random number generation module”《密码随机数生成模块设计指南》
Published Whitepapers
- “Guide for cryptography application and security evaluation of government information system” 《政务信息系统密码应用与安全性评估工作指南》
- “Quantitative evaluation rules for commercial cryptography application security evaluation” 《商用密码应用安全性评估量化评估规则》
- “High-risk determination guide for information system cryptography application” 《信息系统密码应用高风险判定指引》
“Report template of commercial cryptography application security evaluation (2021 version)” 《商用密码应用安全性评估报告模板(2021版)》
- “FAQ of commercial cryptography application security evaluation” 商用密码应用安全性评估FAQ》
Developing Standards
- [牵头/1st author]“Competence requirements and accessment specification for evaluation organization of commercial cyrptography application security” 《商用密码应用安全性评估机构能力要求和评价规范》
- “Design guide for information system cryptography application” 《信息系统密码应用设计技术指南》
- “Implementation guide for information system cryptography application” 《信息系统密码应用实施指南》