PKCS is an acronym for Public Key Cryptography Standards. This series of standards has been developed by RSA DSI from about 1991 until now. These standards are supported by much of the crypto software in the world, and are used in widely known protocols like SSL, S/MIME, and SET. Where applicable, PKCS matches with X.509 (most of the time, anyway). Of course, no application uses all of PKCS, but for any crypto application, there is probably at least one or two PKCS standards which could apply.

PKCS uses ASN.1 (a lot), and implementing most of the interesting parts of PKCS requires you to write or acquire software for BER/DER processing. Thankfully, RSA DSI also put out a document entitled "A Layman's Guide to ASN.1, BER, and DER", which explains much of what is required.

This list has some brief coverage of what is in the PKCS documents. The hardlinks to the particular PKCS documents are dead right now -- I've added them in case anyone feels like filling in the details about a particular PKCS document.

  • PKCS #1: RSA public key cryptography. Covers the algorithm itself, key generation, various encoding methods (including OAEP and PSS), and formatting public and private keys for exporting outside the application. Probably the most important PKCS document.
  • PKCS #2: Was merged into PKCS #1
  • PKCS #3: Diffie-Hellman. This standard hasn't been updated since 1993, and is pretty obsolete. IEEE 1363 has better DH coverage than PKCS
  • PKCS #4: Was merged into PKCS #1
  • PKCS #5: Passphrase Based Cryptography. This gives various methods for encrypting based on an passphrase. This is used elsewhere in PKCS, such as in PKCS #8 where it is used for encrypting private keys.
  • PKCS #6: An extension of X.509. Deprecated, and not used or supported by anything that I know of.
  • PKCS #7: An early version of S/MIME. More recent versions are based on CMS, however.
  • PKCS #8: Private key formats. This document standardizes how to convert a private key into a string of bytes in a standard way. It also allows you to encrypt the key with a passphrase.
  • PKCS #9: Attribute Types. Basically OIDs for PKCS #7, #8, and #10.
  • PKCS #10: Certificate Requests. Defines a format for requesting a new X.509 certificate from a CA.
  • PKCS #11 (aka Cryptoki): This is an API document that specifies how an application can interact with a cryptographic token (such as a smartcard).
  • PKCS #12: Similar to PKCS #8, this specifies how to export and safeguard private keys. This particular format is a total mess. Coincidentally, it was designed by Microsoft.
  • PKCS #13: Elliptic Curve Crytpography. Unfinished.
  • PKCS #14: ?
  • PKCS #15: Smart card formats.

One funny thing related to PKCS: Back when RSA was patented, everyone complained about RSA DSI making money (and lots of it), basically by being lucky. You're not supposed to be able to patent mathematical formulas, and that's just what they did. But on one occasion, someone on a mailing list (I'm not sure who) pointed out that it was only because of the RSA patent that things like the PKCS could exist. Creating a standard requires a lot of money, and RSA DSI did not gain financially from creating PKCS. Only by having a war chest of patent royalities could something like this happen.

By 2000 or so, organizations with money to burn like the IEEE and ISO were standardizing public key crypto. But back in the early 1990s, PKCS was all there was (which is why the techniques in them are everywhere now).