CAN/CSA-ISO/IEC 9798-5:05

This National Standard of Canada is equivalent to International Standard ISO/IEC 9798-5:2004. 1 Scope This part of ISO/IEC 9798 specifies entity authentication mechanisms using zero-knowledge techniques. - Clause 5 specifies mechanisms (already present in the first edition, ISO/IEC 9798-4:1999) based on identities and providing unilateral authentication. They have been repaired after the withdrawal of ISO/IEC 9796:1991. - Clause 6 specifies mechanisms (inserted in this second edition) based on integer factorization and providing unilateral authentication. - Clauses 7 and 8 specify mechanisms based on discrete logarithms with respect to numbers that are either prime (see Clause 7, mechanisms already present in the first edition) or composite (see Clause 8, mechanisms inserted in the second edition), and providing unilateral authentication. - Clause 9 specifies mechanisms based on asymmetric encipherment systems and providing either unilateral (see 9.3, mechanisms already present in the first edition), or mutual (see 9.4, mechanisms inserted in the second edition) authentication. The verifier associates the correct verification key with the claimant by any appropriate procedure, for example, by retrieving it from a certificate. Such procedures are outside the scope of this part of ISO/IEC 9798. To identify each mechanism, Annex A specifies object identifiers in accordance with ISO/IEC 8825-1. These mechanisms are constructed using the principles of zero-knowledge techniques, but they will not be zero-knowledge according to the strict definition sketched in Annex B for every choice of parameters. Annex C compares the mechanisms and provides guidance on parameter choices. Annex D provides numerical examples.