ANSI INCITS ISO IEC 9796-2 AMD 1-2008 Information technology Security techniques Digital signature schemes giving message recovery Part 2 Mechanisms using a hash-function Amendment.pdf

1、INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 (ISO/IEC 9796-2:2002/Amd.1:2008, IDT) Information technology Security techniques Digital signature schemesgiving message recovery Part 2: Mechanisms using ahash-function Amendment 1INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 (ISO/IEC 9796-2:2002/Amd.1:2008, IDT)INCITS

2、/ISO/IEC 9796-2-2002/Amd.1-2008 ii ITIC 2008 All rights reserved PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed o

3、n the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products us

4、ed to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please

5、inform the Central Secretariat at the address given below. Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard. Date of ANSI Approval: 11/11/2008 Published by American National Standards Institute, 25 West 43rd Street, New York, New York

6、10036 Copyright 2008 by Information Technology Industry Council (ITI). All rights reserved. These materials are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Informat

7、ion Technology Industry Council (ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington

8、, DC 20005. Printed in the United States of America INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 ITIC 2008 All rights reserved iiiForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardizati

9、on. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual

10、interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance

11、with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard

12、requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Amendment 1 to ISO/

13、IEC 9796-2:2002 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. INCITS/SO/IEC 9796-2-2002/Amd.1-2008 ITIC 2008 All rights reserved 1Information technology Security techniques Digital signature schemes giving message recover

14、y Part 2: Integer factorization based mechanisms AMENDMENT 1 Add the following text after page 46. 2 ITIC 2008 All rights reservedAnnex E (normative) ASN.1 module E.1 Formal definition MessageRecoverySignatureMechanisms iso(1) standard(0) signature-schemes(9796) part(2) asn1-module(1) message-recove

15、ry-signature-mechanisms(0) DEFINITIONS EXPLICIT TAGS := BEGIN IMPORTS HashFunctions FROM DedicatedHashFunctions iso(1) standard(0) hash-functions(10118) part(3) asn1-module(1) dedicated-hash-functions(0) ; SignatureWithMessageRecovery := SEQUENCE algorithm ALGORITHM.&id(MessageRecovery), parameters

16、ALGORITHM.&Type(MessageRecoveryalgorithm) OPTIONAL MessageRecovery ALGORITHM := dswmr-mechanism1A | dswmr-mechanism2A | dswmr-mechanism3A | dswmr-mechanism1N | dswmr-mechanism2N | dswmr-mechanism3N | dswmr-mechanism1A-sha1 | dswmr-mechanism2A-sha1 | dswmr-mechanism3A-sha1 | dswmr-mechanism1N-sha1 |

17、dswmr-mechanism2N-sha1 | dswmr-mechanism3N-sha1, . - Expect additional signature scheme objects - dswmr-mechanism1A ALGORITHM := OID mechanism1A PARMS HashFunctions dswmr-mechanism2A ALGORITHM := OID mechanism2A PARMS HashFunctions dswmr-mechanism3A ALGORITHM := OID mechanism3A PARMS HashFunctions d

18、swmr-mechanism1N ALGORITHM := OID mechanism1N PARMS HashFunctions INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 ITIC 2008 All rights reserved 3 dswmr-mechanism2N ALGORITHM := OID mechanism2N PARMS HashFunctions dswmr-mechanism3N ALGORITHM := OID mechanism3N PARMS HashFunctions dswmr-mechanism1A-sha1 ALGORIT

19、HM := OID mechanism1A-sha1 dswmr-mechanism2A-sha1 ALGORITHM := OID mechanism2A-sha1 dswmr-mechanism3A-sha1 ALGORITHM := OID mechanism3A-sha1 dswmr-mechanism1N-sha1 ALGORITHM := OID mechanism1N-sha1 dswmr-mechanism2N-sha1 ALGORITHM := OID mechanism2N-sha1 dswmr-mechanism3N-sha1 ALGORITHM := OID mecha

20、nism3N-sha1 - Cryptographic algorithm identification - ALGORITHM := CLASS &id OBJECT IDENTIFIER UNIQUE, &Type OPTIONAL WITH SYNTAX OID &id PARMS &Type - Message recovery signature mechanisms - OID := OBJECT IDENTIFIER - Alias signatureMechanismA OID := iso(1) standard(0) signature-schemes(9796) part

21、2(2) mechanism(0) alternate(0) mechanism1A OID := signatureMechanismA mechanism1(0) mechanism2A OID := signatureMechanismA mechanism2(1) mechanism3A OID := signatureMechanismA mechanism3(2) signatureMechanismN OID := iso(1) standard(0) signature-schemes(9796) part2(2) mechanism(0) normal(1) mechanis

22、m1N OID := signatureMechanismN mechanism1(0) mechanism2N OID := signatureMechanismN mechanism2(1) mechanism3N OID := signatureMechanismN mechanism3(2) - Combined signature scheme and hash-function mechanisms - mechanismA-Hash OID := iso(1) standard(0) signature-schemes(9796) part2(2) mechanismHash(2

23、) alternate(0) mechanism1A-sha1 OID := mechanismA-Hash mechanism1-SHA1(0) INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 4 ITIC 2008 All rights reservedmechanism2A-sha1 OID := mechanismA-Hash mechanism2-SHA1(1) mechanism3A-sha1 OID := mechanismA-Hash mechanism3-SHA1(2) mechanismN-Hash OID := iso(1) standard(

24、0) signature-schemes(9796) part2(2) mechanismHash(2) normal(1) mechanism1N-sha1 OID := mechanismN-Hash mechanism1-SHA1(0) mechanism2N-sha1 OID := mechanismN-Hash mechanism2-SHA1(1) mechanism3N-sha1 OID := mechanismN-Hash mechanism3-SHA1(2) END - MessageRecoverySignatureMechanisms - E.2 Use of subseq

25、uent object identifiers Each of the signature schemes uses a hash-function, a sequence containing a hash algorithm identifier and any associated parameters. Therefore, the signature scheme object identifier may be followed by one of the dedicated hash-function algorithm identifiers specified in ISO/

26、IEC 10118-3 and any associated parameters. Using the ASN.1 XML value notation, a value of type SignatureWithMessageRecovery using normal signature processing mechanism 1 defined in this Standard and the SHA-1 hash-function defined in ISO/IEC 10118-3 would be represented as: 1.0.9796.2.0.1.0 1.3.14.3

27、.2.26 A value of type SignatureWithMessageRecovery using the combined object identifier for normal signature processing mechanism 1 and the SHA-1 hash-function has the simpler form: 1.0.9796.2.2.1.0 INCITS/ISO/IEC 9796-2-2002/Amd.1-2008INCITS/ISO/IEC 9796-2-2002/Amd.1-2008 ICS 35.040 Price based on 4 pages ITIC 2008 All rights reserved