LLMpediaThe first transparent, open encyclopedia generated by LLMs

ISO/IEC 10116

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Cipher Block Chaining Hop 4
Expansion Funnel Raw 69 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted69
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
ISO/IEC 10116
TitleISO/IEC 10116
StatusPublished
Year1990
CommitteeISO/IEC JTC 1/SC 27
LanguageEnglish

ISO/IEC 10116 provides a specification for a block cipher mode of operation used with symmetric key algorithms. The document defines a procedure for transforming a block cipher such as Data Encryption Standard or Advanced Encryption Standard when applied in cryptographic solutions adopted by organizations like Internet Engineering Task Force, International Organization for Standardization, and International Electrotechnical Commission. It has been referenced in implementations by vendors including IBM, Microsoft, and Siemens and considered in publications from National Institute of Standards and Technology, European Telecommunications Standards Institute, and American National Standards Institute.

Overview

ISO/IEC 10116 specifies a particular mode of operation designed to provide confidentiality for fixed-size blocks produced by a block cipher. Implementers often pair the mode with algorithms such as Triple DES, Blowfish, or Rijndael when deploying systems influenced by frameworks like ISO/IEC 27001, Common Criteria, or directives from European Commission. The mode is discussed in academic venues such as CRYPTO, EUROCRYPT, and IEEE S&P and appears in textbooks by authors affiliated with Massachusetts Institute of Technology, Stanford University, and University of Cambridge.

Scope and Purpose

The standard's scope includes operational rules for encryption and decryption, error propagation characteristics, and padding considerations when processing data streams in contexts such as Secure Shell, Transport Layer Security, and IPsec. Its purpose is to ensure interoperable confidentiality services between products from vendors like Cisco Systems, Juniper Networks, and Huawei Technologies while aligning with governance from entities such as United Nations procurement frameworks and national bodies including National Cyber Security Centre (UK) and Federal Office for Information Security (Germany). The standard aids certification against evaluation criteria promulgated by Common Criteria and influences compliance with sectoral rules including Health Insurance Portability and Accountability Act and Payment Card Industry Data Security Standard.

Technical Specifications

ISO/IEC 10116 defines block chaining behavior, initialization vector handling, and the mapping of plaintext blocks to ciphertext blocks for a specified block length. Technical parameters reference block sizes used by ciphers like Data Encryption Standard (64-bit) and AES (128-bit), and discuss the cryptographic primitives evaluated in competitions such as the AES process and analyses presented at NIST workshops. The specification treats aspects such as error detection propagation, alignment with modes covered in standards like FIPS 81, and constraints considered by implementers at organizations including Oracle Corporation, Red Hat, and Apple Inc..

Implementation and Usage

Practical deployment of the mode from ISO/IEC 10116 appears in secure storage solutions by companies such as Deloitte-affiliated providers, cloud services from Amazon Web Services and Google Cloud Platform, and in embedded devices manufactured by ARM Holdings and Intel Corporation. Software libraries implementing the mode include references in projects like OpenSSL, LibreSSL, and Bouncy Castle, and are used in products certified under programs by Underwriters Laboratories and Common Criteria. Interoperability testing often occurs at events organized by OASIS and IETF working groups and is examined in case studies from European Union Agency for Cybersecurity and national CERTs like CERT/CC.

History and Revisions

The standard emerged during work in ISO/IEC JTC 1 and its subcommittees alongside contemporaneous efforts such as ISO/IEC 9797 and later harmonization with recommendations from NIST. Revisions and corrigenda consider developments from cryptanalytic results presented at conferences like RSA Conference and Black Hat, and input from research groups at University of California, Berkeley and ETH Zurich. Successive editions reflect changing practice influenced by retirements of algorithms like DES and the adoption of AES following the AES competition by NIST.

Relationship to Other Standards

ISO/IEC 10116 is related to standards addressing block cipher modes and message authentication such as ISO/IEC 9797, ISO/IEC 18033, and FIPS 197. It is frequently cross-referenced in procurement specifications issued by entities including European Commission directorates and agencies like NATO for secure communications and aligns with cryptographic frameworks recommended by NIST and guidance from ENISA. Implementers consider interoperability with protocols standardized by IETF (for example RFC 3526-class documents) and with industry schemes from bodies like PCI SSC and ITU-T.

Category:Cryptographic standards