Information technology - Security techniques - Digital signatures with appendix - Part 2: Integer factorization based mechanisms

Designation Number:
CSA ISO/IEC 14888-2:09 (R2019)
Standard Type:
National Standard of Canada - Adoption of International Standard
Standard Development Activity:
Reaffirmation
ICS code(s):
35.040
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

Scope

This part of ISO/IEC 14888 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies:

a) the relationships and constraints between all the data elements required for signing and verifying;
b) a signature mechanism, i.e., how to produce a signature of a message with the data elements required for signing;
c) a verification mechanism, i.e., how to verify a signature of a message with the data elements required for verifying.

The production of key pairs requires random bits and prime numbers. The production of signatures often requires random bits. Techniques for producing random bits and prime numbers are outside the scope of this part of ISO/IEC 14888. For further information, see ISO/IEC 18031 [33] and ISO/IEC 18032 [34].

Various means are available to obtain a reliable copy of the public verification key, e.g., a public key certificate.

Techniques for managing keys and certificates are outside the scope of this part of ISO/IEC 14888. For further information, see ISO/IEC 9594-8 [27], ISO/IEC 11770 [31] and ISO/IEC 15945 [32].

Project need:

Project Need
To review the Standard within the required 5 year period.

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.