Customer Service:
Mon - Fri: 8:30 am - 6 pm EST

Digital Signature

Digital signature standards are published by ISOm and IEC. they cover integer factorization, discrete logarithm based mechanisms, and TTP services

ISO/IEC 14888-1:2008

Information technology - Security techniques - Digital signatures with appendix - Part 1: General

There are two types of digital signature mechanism: When the verification process needs the message as part of the input, the mechanism is called signature mechanism with appendix . A hash-function is in used in the calculation of the appendix. When the verification process reveals all or part of the message, the mechanism is called a signature mechanism giving message recovery . A hash-function is also used in the generation and verification of these signatures. ISO/IEC 14888 specifies digital signatures with appendix. ISO/IEC 14888-1:2008 specifies general principles and requirements for digital signatures with appendix. ISO/IEC 14888-2 addresses digital signatures based on integer factoring, and ISO/IEC 14888-3 addresses digital signatures based on discrete logarithm. Signature mechanisms giving message recovery are specified in ISO/IEC 9796. Hash-functions are specified in ISO/IEC 10118.

Available in Packages Available for Subscriptions

ISO/IEC 14888-2:2008

Information technology - Security techniques - Digital signatures with appendix - Part 2: Integer factorization based mechanisms

ISO/IEC 14888 specifies digital signature with appendix. As no part of the message is recovered from the signature (the recoverable part of the message is empty), the signed message consists of the signature and the whole message. NOTE ISO/IEC 9796 specifies digital signature giving message recovery. As all or part of the message is recovered from the signature, the recoverable part of the message is not empty. The signed message consists of either the signature only (when the non-recoverable part of the message is empty), or both the signature and the non-recoverable part. ISO/IEC 14888-2:2008 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies: the relationships and constraints between all the data elements required for signing and verifying; a signature mechanism, i.e. how to produce a signature of a message with the data elements required for signing; a verification mechanism, i.e. how to verify a signature of a message with the data elements required for verifying. The title of ISO/IEC 14888-2 has changed from Identity-based mechanisms (first edition) to Integer factorization based mechanisms (second edition). ISO/IEC 14888-2:2008 includes the identity-based scheme specified in ISO/IEC 14888-2:1999, namely the GQ1 scheme. This scheme has been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999. Among the certificate-based schemes specified in ISO/IEC 14888-3:1998, it includes all the schemes based on the difficulty of factoring the modulus in use, namely, the RSA, RW and ESIGN schemes. These schemes have been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999. It takes into account ISO/IEC 14888-3:1998/Cor.1:2001, technical corrigendum of the ESIGN scheme. It includes a format mechanism, namely the PSS mechanism, also specified in ISO/IEC 9796-2:2002, and details of how to use it in each of the RSA, RW, GQ1 and ESIGN schemes. It includes new certificate-based schemes that use no format mechanism, namely, the GQ2, GPS1 and GPS2 schemes. For each scheme and its options, as needed, it provides an object identifier.

Available in Packages Available for Subscriptions

ISO/IEC 14888-3:2018

IT Security techniques - Digital signatures with appendix - Part 3: Discrete logarithm based mechanisms

This document specifies digital signature mechanisms with appendix whose security is based on the discrete logarithm problem. This document provides a general description of a digital signature with appendix mechanism, and a variety of mechanisms that provide digital signatures with appendix. For each mechanism, this document specifies the process of generating a pair of keys, the process of producing signatures, and the process of verifying signatures. Annex A defines object identifiers assigned to the digital signature mechanisms specified in this document, and defines algorithm parameter structures. Annex B defines conversion functions of FE2I, I2FE, FE2BS, BS2I, I2BS, I2OS and OS2I used in this document. Annex D defines how to generate DSA domain parameters.

Available in Packages Available for Subscriptions

ISO/IEC 15945:2002

Information technology - Security techniques - Specification of TTP services to support the application of digital signatures

This Recommendation | International Standard will define those TTP services needed to support the application of digital signatures for the purpose of non-repudiation of creation of documents. This Recommendation | International Standard will also define interfaces and protocols to enable interoperability between entities associated with these TTP services. Definitions of technical services and protocols are required to allow for the implementation of TTP services and related commercial applications. This Recommendation | International Standard focuses on: implementation and interoperability; service specifications; and technical requirements. This Recommendation | International Standard does not describe the management of TTPs or other organizational, operational or personal issues. Those topics are mainly covered in ITU-T Rec. X.842 | ISO/IEC TR 14516, Information technology Security techniques Guidelines on the use and management of Trusted Third Party services.

Available for Subscriptions

ISO/IEC 9796-2:2010

Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms

ISO/IEC 9796-2:2010 specifies three digital signature schemes giving message recovery, two of which are deterministic (non-randomized) and one of which is randomized. The security of all three schemes is based on the difficulty of factorizing large numbers. All three schemes can provide either total or partial message recovery. ISO/IEC 9796-2:2010 specifies the method for key production for the three signature schemes. However, techniques for key management and for random number generation (as required for the randomized signature scheme), are outside the scope of ISO/IEC 9796-2:2010. The first mechanism specified in ISO/IEC 9796-2:2010 is only applicable for existing implementations, and is retained for reasons of backward compatibility.

Available in Packages Available for Subscriptions

ISO/IEC 9796-3:2006

Information technology - Security techniques - Digital signature schemes giving message recovery - Part 3: Discrete logarithm based mechanisms

A digital signature in electronic exchange of information provides the same kind of facilities that are expected from a handwritten signature in paper-based mail. Hence it is applicable to providing entity authentication, data origin authentication, non-repudiation, and integrity of data. ISO/IEC 9796-3:2006 specifies digital signature mechanisms giving partial or total message recovery aiming at reducing storage and transmission overhead. ISO/IEC 9796-3:2006 specifies mechanisms based on the discrete logarithm problem of a finite field or an elliptic curve over a finite field. ISO/IEC 9796-3:2006 defines types of redundancy: natural redundancy, added redundancy, or both. ISO/IEC 9796-3:2006 gives the general model for digital signatures giving partial or total message recovery aiming at reducing storage and transmission overhead. ISO/IEC 9796-3:2006 specifies six digital signature schemes giving data recovery: NR, ECNR, ECMR, ECAO, ECPV, and ECKNR. NR is defined on a prime field; ECNR, ECMR, ECAO, ECPV, and ECKNR are defined on an elliptic curve over a finite field.

Available in Packages Available for Subscriptions
ANSI Logo

As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.

Useful Links
CUSTOMER SERVICE
NEW YORK OFFICE
ANSI HEADQUARTERS
2024 © American National Standards Institute (ANSI) All Rights Reserved.