Distinguished Encoding Rules: Difference between revisions
No edit summary |
m "tag order" -> "tag value" |
||
Line 10: | Line 10: | ||
#* Additionally, the shortest possible length encoding must be used |
#* Additionally, the shortest possible length encoding must be used |
||
# Bitstring, octetstring, and restricted character strings must use the definite length form |
# Bitstring, octetstring, and restricted character strings must use the definite length form |
||
# Elements of a Set are encoded in sorted order, based on their tag |
# Elements of a Set are encoded in sorted order, based on their tag value |
||
DER is widely used for digital certificates such as [[X.509]]. |
DER is widely used for digital certificates such as [[X.509]]. |
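Review bot: the edit summary quotes the old wording as "tag order", but the replaced line reads "sorted order, based on their tag", so the summary does not describe the text that actually changed. The new wording "tag value" on the Set line is also left undefined. Suggest saying what is compared when two tags are ordered, so that a reader can tell how elements with different tags sort.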
Revision as of 05:57, 30 March 2010
Distinguished Encoding Rules (DER) is a message transfer syntax specified by the ITU in X.690. The Distinguished Encoding Rules of ASN.1 is an International Standard drawn from the constraints placed on basic encoding rules (BER) encodings by X.509. DER encodings are valid BER encodings. DER is the same thing as BER with all but one of the sender's options removed.
DER is a subset of Basic Encoding Rules (BER) providing for exactly one way to encode an ASN.1 value. DER is intended for situations when a unique encoding is needed, such as in cryptography, and ensures that a data structure that needs to be digitally signed produces a unique serialized representation. DER can be seen as a canonical form of BER (see also Canonical Encoding Rules).
For example, in BER a boolean value of true can be encoded as any of 255 non-zero byte values, while in DER there is only one way to encode a boolean value of true.
The most significant DER encoding constraints are:
- Length encoding must use the definite form
  - Additionally, the shortest possible length encoding must be used
- Bitstring, octetstring, and restricted character strings must use the definite length form
- Elements of a Set are encoded in sorted order, based on their tag value
DER is widely used for digital certificates such as X.509.
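The boolean example and the length and Set-ordering constraints above can be checked mechanically. The following is an added example, not part of the article or of X.690: the function name `der_violations` and both sample byte strings are constructed for illustration, and it assumes single-octet tags and orders Set elements by tag class, then tag number.

```python
def der_violations(buf, path="root", in_set=False):
    """Return DER rule violations found in the BER-encoded bytes `buf`."""
    found, pos, prev_key, index = [], 0, None, 0
    while pos < len(buf):
        here = f"{path}[{index}]"
        if pos + 2 > len(buf):
            return found + [f"{here}: truncated header"]
        tag, first = buf[pos], buf[pos + 1]
        pos += 2
        if tag & 0x1F == 0x1F:
            return found + [f"{here}: multi-octet tag (not handled here)"]
        if first == 0x80:
            # Indefinite form ends at a 00 00 marker; stop at this element.
            return found + [f"{here}: indefinite length form"]
        length = first
        if first > 0x80:                      # long form: next n octets hold the length
            n = first & 0x7F
            octets = buf[pos:pos + n]
            pos += n
            if len(octets) < n:
                return found + [f"{here}: truncated length"]
            length = int.from_bytes(octets, "big")
            if length < 0x80 or octets[0] == 0:
                found.append(f"{here}: length not in shortest form")
        content = buf[pos:pos + length]
        if len(content) < length:
            return found + [f"{here}: truncated content"]
        pos += length
        # X.690 fixes the single DER encoding of TRUE as FF (FALSE is 00).
        if tag == 0x01 and content not in (b"\x00", b"\xff"):
            found.append(f"{here}: BOOLEAN is not 00 or FF")
        key = (tag >> 6, tag & 0x1F)          # assumption: class first, then number
        if in_set and prev_key is not None and key < prev_key:
            found.append(f"{here}: SET element out of tag order")
        prev_key = key
        if tag & 0x20:                        # constructed: check nested elements
            found += der_violations(content, here, in_set=(tag == 0x31))
        index += 1
    return found

# Constructed samples: SEQUENCE { BOOLEAN TRUE, SET { INTEGER 5, OCTET STRING "hi" } }
DER_OK = bytes.fromhex("300c 0101ff 3107 020105 04026869")
# Same value in BER only: long-form length, TRUE as 01, Set elements swapped.
BER_ONLY = bytes.fromhex("300d 01810101 3107 04026869 020105")

if __name__ == "__main__":
    for name, blob in (("DER_OK", DER_OK), ("BER_ONLY", BER_ONLY)):
        print(name, der_violations(blob) or "no violations")
```

Both samples decode to the same ASN.1 value under BER, which is why a signature check that accepts the second form can be made to disagree with one that re-encodes before hashing.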