没有合适的资源?快使用搜索试试~ 我知道了~
ISO 9796-2
1星 需积分: 33 26 下载量 130 浏览量
2016-06-15
15:23:19
上传
评论
收藏 963KB PDF 举报
温馨提示
试读
56页
ISO 9796-2
资源推荐
资源详情
资源评论
Reference numbe
r
ISO/IEC 9796-2:2002(E)
©
ISO/IEC 2002
INTERNATIONAL
STANDARD
ISO/IEC
9796-2
Second edition
2002-10-01
Information technology — Security
techniques — Digital signature schemes
giving message recovery —
Part 2:
Integer factorization based mechanisms
Technologies de l'information — Techniques de sécurité — Schémas de
signature numérique rétablissant le message —
Partie 2: Mécanismes basés sur une factorisation entière
ISO/IEC 9796-2:2002(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not
be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this
file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this
area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters
were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event
that a problem relating to it is found, please inform the Central Secretariat at the address given below.
© ISO/IEC 2002
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body
in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Printed in Switzerland
ii
© ISO/IEC 2002 – All rights reserved
ISO/IEC 9796-2:2002(E)
© ISO/IEC 2002 – All rights reserved iii
Contentss
Foreword......................................................................................................................................................................v
Introduction................................................................................................................................................................vi
1Scope...............................................................................................................................................................1
2Normative references....................................................................................................................................1
3 Terms and definitions....................................................................................................................................1
4Symbols and abbreviated terms...................................................................................................................3
5 Converting between bit strings and integers..............................................................................................5
6 Requirements .................................................................................................................................................5
7 Model for signature and verification processes .........................................................................................6
7.1 Signing a message.........................................................................................................................................7
7.1.1 Overview .........................................................................................................................................................7
7.1.2 Message allocation ........................................................................................................................................7
7.1.3 Message representative production ............................................................................................................7
7.1.4 Signature production.....................................................................................................................................7
7.2 Verifying a signature......................................................................................................................................8
7.2.1 Overview .........................................................................................................................................................8
7.2.2 Signature opening..........................................................................................................................................8
7.2.3 Message recovery ..........................................................................................................................................8
7.2.4 Message assembly.........................................................................................................................................8
7.3 Specifying a signature scheme ....................................................................................................................8
8 Digital signature scheme 1 ...........................................................................................................................9
8.1 Parameters......................................................................................................................................................9
8.1.1 Modulus length...............................................................................................................................................9
8.1.2 Trailer field options........................................................................................................................................9
8.1.3 Capacity ..........................................................................................................................................................9
8.2 Message representative production ............................................................................................................9
8.2.1 Hashing the message ....................................................................................................................................9
8.2.2 Formatting ......................................................................................................................................................9
8.3 Message recovery ........................................................................................................................................10
9 Digital signature scheme 2 .........................................................................................................................11
9.1 Parameters....................................................................................................................................................11
9.1.1 Modulus length.............................................................................................................................................11
9.1.2 Salt length.....................................................................................................................................................11
9.1.3 Trailer field options......................................................................................................................................11
9.1.4 Capacity ........................................................................................................................................................12
9.2 Message representative production ..........................................................................................................12
9.2.1 Hashing the message..................................................................................................................................12
9.2.2Formatting....................................................................................................................................................12
9.3Message recovery ........................................................................................................................................12
10 Digital signature scheme 3 .........................................................................................................................13
Annex A (normative) Public key system for digital signature ..............................................................................14
Annex B (normative) Mask generation function ....................................................................................................18
Annex C (informative) On hash-function identifiers and the choice of the recoverable length of the
message........................................................................................................................................................20
Annex D (informative) Examples..............................................................................................................................21
Bibliography ..............................................................................................................................................................47
Page
ISO/IEC 9796-2:2002(E)
iv © ISO/IEC 2002 – All rights reserved
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)
form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC
participate in the development of International Standards through technical committees established by the
respective organization to deal with particular fields of technical activity. ISO and IEC technical committees
collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in
liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have
established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
The main task of the joint technical committee is to prepare International Standards. Draft International Standards
adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the national bodies casting a vote.
ISO/IEC 9796-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 27, IT Security techniques.
This second edition cancels and replaces the first edition (ISO/IEC 9796-2:1997), which has been technically
revised. Implementations which comply with ISO/IEC 9796-2 (1st edition), and which use a hash-code of at least
160 bits in length, will be compliant with ISO/IEC 9796-2 (2nd edition). Note, however, that implementations
complying with ISO/IEC 9796-2 (1st edition) that use a hash-code of less than 160 bits in length will not be
compliant with ISO/IEC 9796-2 (2nd edition).
ISO/IEC 9796 consists of the following parts, under the general title Information technology — Security
techniques — Digital signature schemes giving message recovery:
— Part 1: Mechanisms using redundancy
— Part 2: Integer factorization based mechanisms
— Part 3: Discrete logarithm based mechanisms
Further parts may follow.
Annexes A and B form a normative part of this part of ISO/IEC 9796. Annexes C and D are for information only.
ISO/IEC 9796-2:2002(E)
© ISO/IEC 2002 – All rights reserved v
Introduction
Digital signature mechanisms can be used to provide services such as entity authentication, data origin
authentication, non-repudiation, and integrity of data. A digital signature mechanism satisfies the following
requirements.
• Given the verification key but not the signature key it shall be computationally infeasible to produce a valid
signature for any message.
• Given the signatures produced by a signer, it shall be computationally infeasible to produce a valid signature
on a new message or to recover the signature key.
• It shall be computationally infeasible, even for the signer, to find two different messages with the same
signature.
NOTE Computational feasibility depends on the specific security requirements and environment.
Most digital signature mechanisms are based on asymmetric cryptographic techniques and involve three basic
operations.
• A process for generating pairs of keys, where each pair consists of a private signature key and the
corresponding public verification key.
• A process that uses the signature key, called the signature process.
• A process that uses the verification key, called the verification process.
There are two types of digital signature mechanisms.
• When, for a given signature key, two signatures produced for the same message are identical, the mechanism
is said to be non-randomized (or deterministic); see ISO/IEC 14888-1.
• When, for a given message and signature key, each application of the signature process produces a different
signature, the mechanism is said to be randomized.
The first and third of the three mechanisms specified in this part of ISO/IEC 9796 are deterministic (non-
randomized), whereas the second of the three mechanisms specified is randomized.
Digital signature mechanisms can also be divided into the following two categories:
• When the whole message has to be stored and/or transmitted along with the signature, the mechanism is
named a “signature mechanism with appendix” (see ISO/IEC 14888).
• When the whole message, or part of it, can be recovered from the signature, the mechanism is named a
“signature mechanism giving message recovery” (see ISO/IEC 9796 (all parts)).
NOTE Any signature mechanism giving message recovery, for example, the mechanisms specified in ISO/IEC 9796 (all
parts), can be converted to give a digital signature with appendix. This can be achieved by applying the signature mechanism
to a hash-code derived as a function of the message. If this approach is employed, then all parties generating and verifying
signatures must agree on this approach, and must also have a means of unambiguously identifying the hash-function to be
used to generate the hash-code from the message.
The mechanisms specified in ISO/IEC 9796 (all parts) give either total or partial recovery, with the objective of
reducing storage and transmission overhead. If the message is short enough, then the entire message can be
included in the signature, and recovered from the signature in the verification process. Otherwise, a part of the
message can be included in the signature, and the remainder stored and/or transmitted along with the signature.
剩余55页未读,继续阅读
资源评论
- ulynn82032017-11-01这个版本已经作废了
邹德强
- 粉丝: 217
- 资源: 11
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功