Distinguished Encoding Rules
Encyclopedia
Distinguished Encoding Rules (DER), is a message transfer syntax specified by the ITU
in X.690. The Distinguished Encoding Rules of ASN.1 is an International Standard drawn from the constraints placed on basic encoding rules (BER)
encodings by X.509. DER encodings are valid BER encodings. DER is the same thing as BER with all but one sender's options removed.
DER is a subset of Basic Encoding Rules (BER) providing for exactly one way to encode an ASN.1 value. DER is intended for situations when a unique encoding is needed, such as in cryptography
and ensures that a data structure that needs to be digitally signed produces a unique serialized representation. DER can be seen as a canonical form
of BER (see also Canonical Encoding Rules
).
For example, in BER a Boolean value of true can be encoded as any of 255 non-zero byte values, while in DER there is only one way to encode a boolean value of true.
The most significant DER encoding constraints are:
DER is widely used for digital certificates such as X.509
.
Itu
Itu is an old and historic municipality in the state of São Paulo in Brazil. The population in 2009 was 157,384 and the area is 641.68 km². The elevation is 583 m. This place name comes from the Tupi language, meaning big waterfall. Itu is linked with the highway numbered the SP-75 and are flowed...
in X.690. The Distinguished Encoding Rules of ASN.1 is an International Standard drawn from the constraints placed on basic encoding rules (BER)
Basic Encoding Rules
The Basic Encoding Rules is one of the encoding formats defined as part of the ASN.1 standard specified by the ITU in X.690.-Description:...
encodings by X.509. DER encodings are valid BER encodings. DER is the same thing as BER with all but one sender's options removed.
DER is a subset of Basic Encoding Rules (BER) providing for exactly one way to encode an ASN.1 value. DER is intended for situations when a unique encoding is needed, such as in cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
and ensures that a data structure that needs to be digitally signed produces a unique serialized representation. DER can be seen as a canonical form
Canonical form
Generally, in mathematics, a canonical form of an object is a standard way of presenting that object....
of BER (see also Canonical Encoding Rules
Canonical Encoding Rules
Canonical Encoding Rules is a message transfer syntax specified by the ITU in X.690. It is a restricted variant of Basic Encoding Rules for producing unequivocal transfer syntax for data structures described by ASN.1....
).
For example, in BER a Boolean value of true can be encoded as any of 255 non-zero byte values, while in DER there is only one way to encode a boolean value of true.
The most significant DER encoding constraints are:
- Length encoding must use the definite form
- Additionally, the shortest possible length encoding must be used
- Bitstring, octetstring, and restricted character strings must use the definite length form
- Elements of a Set are encoded in sorted order, based on their tag value
DER is widely used for digital certificates such as X.509
X.509
In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...
.