1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA
2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any
3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-22048-8 SANS 7064:2009Edition 1ISO/IEC 7064:2003Edition 1SOUTH AFRICAN NATIONAL STANDARDInformation technology Security techniques Check c
4、haracter systems This national standard is the identical implementation of ISO/IEC 7064:2003 and is adopted with the permission of the International Organization for Standardization and the International Electrotechnical Commission. Published by SABS Standards Division 1 Dr Lategan Road Groenkloof P
5、rivate Bag X191 Pretoria 0001Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS SANS 7064:2009 Edition 1 ISO/IEC 7064:2003 Edition 1 Table of changes Change No. Date Scope National foreword This South African standard was approved by National Committee SABS TC 71F, Information technology
6、Information security, in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. This SANS document was published in May 2009. Reference numberISO/IEC 7064:2003(E)ISO/IEC 2003INTERNATIONAL STANDARD ISO/IEC7064First edition2003-02-15Information
7、technology Security techniques Check character systems Technologies de linformation Techniques de scurit Systmes de caractres de contrle SANS 7064:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 7064:2003(E) PDF disclaimer This PD
8、F file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein
9、 the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the P
10、DF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. ISO/IEC 2003 All rights rese
11、rved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the reques
12、ter. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2003 All rights reservedSANS 7064:2009This s tandard may only be used and printed by approved subscription and freemail
13、ing clients of the SABS .ISO/IEC 7064:2003(E) ISO/IEC 2003 All rights reserved iiiContents1Scope 12Termsanddefinitions 13Symbolsandnotation 24Typesofsystems 24.1 Pure systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24.2 Hybrid systems . . . . .
14、 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Complianceanddesignation 25.1 Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25.2 Check character generating products . . . . . . . . . . . . . . .
15、. . . . . . . . . . . . . . . . . . . . 25.3 Checking products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25.4 System designation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Specificationofpuresystems 36.1
16、 Formula . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36.2 Calculation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46.3 Check character position . . . . . . . . . . . . . . . . . . . . . .
17、. . . . . . . . . . . . . . . . . . . . 47Computationalmethodsforpuresystemswithonecheckcharacter 47.1 Pure system recursive method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47.1.1 Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
18、 . . . . . . . . 47.1.2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57.2 Pure system polynomial method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57.2.1 Computation . . . . . . . . . . . . . . . . . . . . . . .
19、. . . . . . . . . . . . . . . . . . . . . 57.2.2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Computationalmethodsforpuresystemswithtwocheckcharacters 68.1Computation68.2Exampleusingrecursivemethod.68.3 Example using polynomial method . . .
20、. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78.4 Simplified procedure for ISO/IEC 7064, MOD 9710 . . . . . . . . . . . . . . . . . . . . . . . . . . 79Specificationforhybridsystems 79.1 Formula . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21、. . . . . . . . . 79.2 Check character position . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 810Computationalmethodforhybridsystems 810.1Hybridsystemrecursivemethod.810.1.1 Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
22、. . . . . . 810.1.2Example.8Annex A (informative) Criteria for the selection of check character systems for applications . 10Annex B (informative) Check character systems for other alphabets . 12Bibliography 13SANS 7064:2009This s tandard may only be used and printed by approved subscription and fre
23、emailing clients of the SABS .ISO/IEC 7064:2003(E) iv ISO/IEC 2003 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members
24、of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organiz
25、ations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC D
26、irectives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of
27、 the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 7064 was prepared by Joint Technical Committee I
28、SO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. This first edition of ISO/IEC 7064 cancels and replaces ISO 7064:1983, which has been technically revised. Note,however, that implementations which comply with ISO 7064:1983 will be compliant with ISO/IEC 7064:2003. SA
29、NS 7064:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 7064:2003(E) ISO/IEC 2003 All rights reserved vIntroductionThe need for standardization of check character systems was determined by the following considerations:a)ofthemulti
30、tudeofsystemsinuse,manyhaveverysimilarcharacteristics,andmuchofthevarietyfailstoprovideanysignificantbenefit;b)fewoftheexistingsystemshavebeenthoroughlyverifiedmathematicallyandseveralhaveseriousdefects;c) the variety of systems undermines the economics of products which generate or validate check c
31、haracters, andfrequentlypreventsthecheckingofinterchangeddata.Therefore a small set of compatible systems were selected to cope with various application needs; they werevalidated, and within the constraints of each application, offer high protection against typical transcription andkeying errors.Exi
32、sting check character systems as specified in ISO 2108, ISO 2894 and ISO 6166 are used in special applicationfields (ISO 2894 has been withdrawn). These do not however, achieve the error detection rate of the systemsspecified in this International Standard.Annex A summarizes the criteria to be consi
33、dered when selecting a check character system specified in thisInternational Standard for a particular application.Annex B provides an example of a method by which this standard may be applied to an alphabet that has morethan 26 characters.SANS 7064:2009This s tandard may only be used and printed by
34、 approved subscription and freemailing clients of the SABS .SANS 7064:2009This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .INTERNATIONALSTANDARD ISO/IEC 7064:2003(E)Information technology Security techniques Check character systems1 Scope1.1 T
35、his International Standard specifies a set ofcheck character systems capable of protecting stringsagainst errors which occur when people copy or typedata. The strings may be of fixed or variable lengthand may have character sets which area) numeric (10 digits: 0 to 9);b) alphabetic (26 letters: A to
36、 Z); andc) alphanumeric (letters and digits).Embedded spaces and special characters are ignored.1.2 This International Standard specifies confor-mance requirements for products described as gener-ating check characters or checking strings using thesystems given in this International Standard.1.3 The
37、se check character systems can detect:a) all single substitution errors (the substitution of asingle character for another, for example “4234”for “1234)”;b) all or nearly all single (local) transposition errors(the transposition of two single characters, eitheradjacent or with one character between
38、them, forexample “12354” or “12543” for “12345”);c) all or nearly all circular shift errors (circular shiftsof the whole string to the left or right);d) a high proportion of double substitution er-rors (two separate single substitution errors inthe same string, for example “7234587” for“1234567)”; a
39、nde) a high proportion of all other errors.1.4 This International Standard excludes systemsdesigned specifically to:a) permit both error detection and automatic correc-tion;b) detect deliberate falsification; andc) check strings interchanged solely between ma-chines.1.5 This International Standard i
40、s for use in infor-mation interchange between organizations. It is alsostrongly recommended for use in internal informationsystems.2 Terms and definitionsFor the purposes of this International Standard, thefollowing terms and definitions apply.2.1 check character: Added character which maybe used to
41、 verify the accuracy of the string by amathematical relationship to that string.2.2 check character system: Set of rules for gen-erating check characters and checking strings in-corporating check characters.2.3 supplementary check character: Checkcharacter which does not belong to the charac-ter set
42、 of the strings which are to be protected.2.4 modulus: Integer used as a divisor of an integerdividend in order to obtain an integer remainder.2.5 congruence: Property of a set of integers whichdiffer from each other by a multiple of the mod-ulus. Congruence is indicated by the symbol .For example,
43、39 6 (mod11) indicates that 39and 6 are congruent with respect to the modulus11, i.e., 39 6 = 33, which is a multiple of 11.2.6 radix: Base of a geometric progression.cISO/IEC2003 Allrightsreserve 1SANS 7064:2009This s tandard may only be used and printed by approved subscription and freemailing cli
44、ents of the SABS .ISO/IEC7064:2003(E)3SymbolsandnotationThroughout ISO/IEC 7064 the following symbols andnotation are used.aiNumerical value of the character in position i.i Index of the character position.M Modulus.n Number of characters in a string, including thecheck character.Pj, Sj, V Integers
45、which are used in the calculationof the check character to store an intermediateresult.r Radix.wjWeight for the polynomial method.X, Supplementary check characters.:= A symbol denoting the set equal to operationused in the procedural specifications of checkcharacters, which indicates that the value
46、of theinteger on the left side of the symbol shall bemade equal to the value of the expression on theright side of the symbol. A symbol denoting congruence (see Clause 2.5).bardblMA symbol denoting the unique integer between 1and M that is the remainder after dividing by M;if this remainder is zero
47、then the value M shallbe substituted.|M+1A symbol denoting the unique integer between0 and M that is the remainder after dividing byM +1; the remainder is never zero after this op-eration.(modM) A symbol denoting the unique integer be-tween 0 and M 1 that is the remainder afterdividing by M.4 Types of systemsThis International Standard specifies two types of sys-tems:a) pure systems (Clauses 6, 7 and 8) andb) hybrid systems (Clauses 9 and 10).4.1 Pure systemsThe pure systems are listed in Table 1 and specifiedin Clauses 6, 7 and 8. They each use a single modulusfor all stage