ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf

上传人:eventdump275 文档编号:437213 上传时间:2018-11-14 格式:PDF 页数:36 大小:586KB
下载 相关 举报
ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf_第1页
第1页 / 共36页
ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf_第2页
第2页 / 共36页
ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf_第3页
第3页 / 共36页
ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf_第4页
第4页 / 共36页
ANSI ISO IEC 15946-2-2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2 Digital signatures (Adopted by INCITS)《信息技术.安全技术.基于椭圆曲.pdf_第5页
第5页 / 共36页
亲,该文档总共36页,到这儿已超出免费预览范围,如果喜欢就下载吧!
资源描述

1、 Reference numberISO/IEC 15946-2:2002(E)ISO/IEC 2002INTERNATIONAL STANDARD ISO/IEC15946-2First edition2002-12-01Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2: Digital signatures Technologies de linformation Techniques de scurit Techniques cryptog

2、raphiques bases sur les courbes elliptiques Partie 2: Signatures digitales Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.Date of ANSI Approval: 7/7/2003Published by American National Standards Institute,25 West 43rd Street, New York

3、, New York 10036Copyright 2003 by Information Technology Industry Council (ITI).All rights reserved.These materials are subject to copyright claims of International Standardization Organization (ISO), InternationalElectrotechnical Commission (IEC), American National Standards Institute (ANSI), and I

4、nformation Technology Industry Council(ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, withoutthe prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW,Washin

5、gton, DC 20005.Printed in the United States of AmericaISO/IEC 15946-2:2002(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to an

6、d installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the softwar

7、e products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is f

8、ound, please inform the Central Secretariat at the address given below. ISO/IEC 2002 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permiss

9、ion in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2002 All rights res

10、ervedISO/IEC 15946-2:2002(E) ISO/IEC 2002 All rights reserved iiiContentsForewordvIntroduction vi1 Scope12 Normative references13 Symbols and abbreviated terms13.1 Terms and definitions .13.2 Symbols and notation.24 General Model for Digital Signatures with Appendix 34.1 Parameter Generation Process

11、34.1.1 Domain Parameters.34.1.2 User Parameters34.1.3 Validity of Parameters.34.2 Signature Generation Process.44.2.1 Randomizer44.3 Signature Verification Process 45 EC-GDSA Signature Algorithm 55.1 Domain and User Parameters 55.2 Signature Generation Process.55.2.1 Calculation of the message diges

12、t 55.2.2 Elliptic Curve Computations (Arithmetic operations in the underlying field).55.2.3 Computations modulo the group order of G (Arithmetic operations in F(n) 55.3 The Signature.65.4 Signature Verification Process 65.4.1 Signature Size Verification.65.4.2 Calculation of the message digest 65.4.

13、3 Elliptic Curve Computations 65.4.4 Signature Checking.66 EC-DSA.6ISO/IEC 15946-2:2002(E)iv ISO/IEC 2002 All rights reserved6.1 Domain and User Parameters . 66.2 Signature Generation Process 66.2.1 Calculation of the message digest . 76.2.2 Elliptic Curve Computations (Arithmetic operations in the

14、underlying field). 76.2.3 Computations modulo the group order of G. (Arithmetic operations in F(n) . 76.3 The Signature 76.4 Signature Verification Process . 76.4.1 Signature Size Verification 76.4.2 Calculation of the message digest . 86.4.3 Elliptic Curve Computations . 86.4.4 Signature Checking 8

15、7 EC-KCDSA. 87.1 Domain and User Parameters . 87.2 Signature Generation Process 87.2.1 Calculation of the message digest . 87.2.2 Elliptic Curve Computations (Arithmetic operations in the underlying field) 97.2.3 Computations modulo the group order of G (Arithmetic operations in F(n) 97.3 The Signat

16、ure 97.4 Signature Verification Process . 97.4.1 Signature Size Verification 97.4.2 Calculation of the message digest . 97.4.3 Elliptic Curve Computation . 97.4.4 Signature Checking 10Annex A (informative) Comparison. 11Annex B (informative) Examples. 13Bibliography . 29ISO/IEC 15946-2:2002(E) ISO/I

17、EC 2002 All rights reserved vForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)form the specialized system for worldwide standardization. National bodies that are members of ISO or IECparticipate in the development of Internationa

18、l Standards through technical committees established by therespective organization to deal with particular fields of technical activity. ISO and IEC technical committeescollaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, inliaison with ISO

19、and IEC, also take part in the work.International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.Draft International Standards adopted by the jo

20、int technical committee are circulated to national bodies for voting.Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.International Standard ISO/IEC 15946-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informationtechnology

21、, Subcommittee SC 27, IT Security techniques.ISO/IEC 15946 consists of the following parts, under the general title Information technology Security techniques Cryptographic techniques based on elliptic curves: Part 1: General Part 2: Digital signatures Part 3: Key establishment Part 4: Digital signa

22、tures giving message recoveryAnnexes A and B of this part of ISO/IEC 15946 are for information only.ISO/IEC 15946-2:2002(E)vi ISO/IEC 2002 All rights reservedIntroductionSome of the most interesting and potentially useful of the public-key cryptosystems that are currently available arecryptosystems

23、based on elliptic curves defined over finite fields. The concept of an elliptic curve based public-keycryptosystem is rather simple: Every elliptic curve is endowed with a binary operation “+“ under which it forms a finite abelian group. The group law on elliptic curves extends in a natural way to a

24、 “discrete exponentiation“ on the point group ofthe elliptic curve. Based on the discrete exponentiation on an elliptic curve one can easily derive elliptic curve analogues of thewell known public-key schemes of Diffie-Hellman and ElGamal type.The security of such a public-key system depends on the

25、difficulty of determining discrete logarithms in the group ofpoints of an elliptic curve. This problem is - with current knowledge - much harder than the factorization of integersor the computation of discrete logarithms in a finite field. Indeed, since Miller and Koblitz in 1985independently sugges

26、ted the use of elliptic curves for public-key cryptographic systems, no substantial progress intackling the elliptic curve discrete logarithm problem has been reported. The only known general algorithms todetermine elliptic curve discrete logarithms take fully exponential time. Thus, it is possible

27、for elliptic curve basedpublic-key systems to use much shorter parameters than the RSA system or the classical discrete logarithm basedsystems that make use of the multiplicative group of some finite field. This yields significantly shorter digitalsignatures and system parameters and allows for comp

28、utations using smaller integers.It is the purpose of this document to meet the increasing interest in elliptic curve based public key technology anddescribe the components that are necessary to implement a secure digital signature system based on ellipticcurves.The International Organization for Sta

29、ndardization (ISO) and International Electrotechnical Commission (IEC) drawattention to the fact that it is claimed that compliance with this International Standard may involve the use ofpatents.ISO and IEC take no position concerning the evidence, validity and scope of these patent rights.The holde

30、rs of these patent rights have assured ISO and IEC that they are willing to negotiate licences underreasonable and non-discriminatory terms and conditions with applicants throughout the world. In this respect, thestatements of the holders of these patent rights are registered with ISO and IEC. Infor

31、mation may be obtained from:ISO/IEC JTC 1/SC 27 Standing Document 8 (SD 8)SD 8 is publicly available at:http:/www.din.de/ni/sc27Attention is drawn to the possibility that some of the elements of this part of ISO/IEC 15946 may be the subject ofpatent rights other than those identified above. ISO and

32、IEC shall not be held responsible for identifying any or allsuch patent rights.INTERNATIONAL STANDARD ISO/IEC 15946-2:2002(E) ISO/IEC 2002 All rights reserved 1Information technology Security techniques Cryptographictechniques based on elliptic curves Part 2: Digital signatures1 ScopeThis part of IS

33、O/IEC 15946 specifies public-key cryptographic techniques based on elliptic curves. They include theestablishment of keys for secret-key systems, and digital signature mechanisms.This part of ISO/IEC 15946 describes mechanisms for digital signatures. The mathematical background andgeneral techniques

34、 necessary for implementing the mechanisms are described in part 1 of ISO/IEC 15946.The scope of this part of ISO/IEC 15946 is restricted to cryptographic techniques based on elliptic curves definedover finite fields of prime power order (including the special cases of prime order and characteristic

35、 two). Therepresentation of elements of the underlying finite field (i.e. which basis is used) is outside the scope of this part ofISO/IEC 15946.This part of ISO/IEC 15946 does not fully specify the implementation of the techniques it defines. Thus, additionalspecification may be required to ensure

36、the compatibility of products complying with this part of ISO/IEC 15946.2 Normative referencesThe following normative documents contain provisions which, through reference in this text, constitute provisions ofthis part of ISO/IEC 15946. For dated references, subsequent amendments to, or revisions o

37、f, any of thesepublications do not apply. However, parties to agreements based on this part of ISO/IEC 15946 are encouraged toinvestigate the possibility of applying the most recent editions of the normative documents indicated below. Forundated references, the latest edition of the normative docume

38、nt referred to applies. Members of ISO and IECmaintain registers of currently valid International Standards.ISO/IEC 10118 (all parts), Information technology Security techniques Hash-functionsISO/IEC 15946-1, Information technology Security techniques Cryptographic techniques based on ellipticcurves

39、 Part 1: General3 Symbols and abbreviated termsFor the purposes of this part of ISO/IEC 15946, the symbols, terms and definitions described in ISO/IEC 15946-1apply. In addition, the following terms and symbols are used.3.1 Terms and definitions3.1.1 domain parameterISO/IEC14888-1 A data item which i

40、s common to and known by or accessible to all entities within the domain.NOTE The set of domain parameters may contain data items such as hash-function identifier, elliptic curve parameters, orother parameters specifying the security policy in the domain.ISO/IEC 15946-2:2002(E)2 ISO/IEC 2002 All rig

41、hts reserved3.1.2 hash-codeISO/IEC 10118-1 The string of bits which is the output of a hash-function.3.1.3 hash-functionISO/IEC 10118-1 A function which maps strings of bits to fixed-length strings of bits, satisfying the following twoproperties: for a given output, it is computationally infeasible

42、to find an input which maps to this output; and for a given input, it is computationally infeasible to find a second input which maps to the same output.NOTE Computational feasibility depends on the specific security requirements and environment.3.1.4 messageISO/IEC 9796-1 A string of bits of any le

43、ngth.3.1.5 randomizerISO/IEC 14888-1 A secret data item produced by the signing entity in the pre-signature production process, andnot predictable by other entities.3.1.6 signatureISO/IEC 9796-1 The string of bits resulting from the signature process.3.1.7 signature keyISO/IEC 14888-1 A secret data

44、item specific to an entity and usable only by this entity in the signature process.3.1.8 signature processISO/IEC 14888-1 A process which takes as inputs the message, the signature key and the domain parameters,and which gives as output the signature.3.1.9 verification keyISO/IEC 14888-1 A data item

45、 which is mathematically related to an entitys signature key and which is used by theverifier in the verification process.3.1.10 verification processISO/IEC 14888-1 A process which takes as input the signed message, the verification key and the domainparameters, and which gives as output the result

46、of the signature verification: valid or invalid.3.2 Symbols and notationIn addition to the symbols and notation defined in ISO/IEC 15946-1, the following symbols and notation are used inthis part of ISO/IEC 15946:Cert_Data certification datae, e hash code and recovered hash code respectivelyk random

47、izerm positive integer(r,s) , (r,s) signature and received signature respectivelyM, M message and received message respectivelylenxlength in bits of xh() hash functionISO/IEC 15946-2:2002(E) ISO/IEC 2002 All rights reserved 34 General Model for Digital Signatures with AppendixThis part of ISO/IEC 15

48、946 describes signature schemes based on the one way property of discrete exponentiationon elliptic curves defined over some finite prime field F(p), some finite field F(2m) or some finite extension field ofF(p).A digital signature scheme is defined by the specification of the following processes: P

49、arameter generation process; Signature generation process; Signature verification process.4.1 Parameter Generation ProcessThe parameters can be divided into domain parameters and user parameters.4.1.1 Domain ParametersThe domain parameters consist of parameters to define a finite field, parameters to define an elliptic curve over thefinite field, and other public information which is common to and known by or accessible to all entities within thedomain. As well as the domain par

展开阅读全文
相关资源
  • ANSI Z97 1-2009 American National Standard for Safety Glazing Materials used in Buildings - Safety Performance Specifications and Methods of Test《建筑物中窗用玻璃材料安全性用.pdfANSI Z97 1-2009 American National Standard for Safety Glazing Materials used in Buildings - Safety Performance Specifications and Methods of Test《建筑物中窗用玻璃材料安全性用.pdf
  • ANSI Z97 1 ERTA-2010 Re ANSI Z97 1 - 2009 Errata《修订版 美国国家标准学会Z97 1-2009标准的勘误表》.pdfANSI Z97 1 ERTA-2010 Re ANSI Z97 1 - 2009 Errata《修订版 美国国家标准学会Z97 1-2009标准的勘误表》.pdf
  • ANSI Z21 40 2a-1997 Gas-Fired Work Activated Air-Conditioning and Heat Pump Appliances (Same as CGA 2 92a)《燃气、工作激活空气调节和热泵器具(同 CGA 2 92a)》.pdfANSI Z21 40 2a-1997 Gas-Fired Work Activated Air-Conditioning and Heat Pump Appliances (Same as CGA 2 92a)《燃气、工作激活空气调节和热泵器具(同 CGA 2 92a)》.pdf
  • ANSI Z124 9-2004 American National Standard for Plastic Urinal Fixtures《塑料小便器用美国国家标准》.pdfANSI Z124 9-2004 American National Standard for Plastic Urinal Fixtures《塑料小便器用美国国家标准》.pdf
  • ANSI Z124 4-2006 American National Standard for Plastic Water Closet Bowls and Tanks《塑料抽水马桶和水箱用美国国家标准》.pdfANSI Z124 4-2006 American National Standard for Plastic Water Closet Bowls and Tanks《塑料抽水马桶和水箱用美国国家标准》.pdf
  • ANSI Z124 3-2005 American National Standard for Plastic Lavatories《塑料洗脸盆用美国国家标准》.pdfANSI Z124 3-2005 American National Standard for Plastic Lavatories《塑料洗脸盆用美国国家标准》.pdf
  • ANSI T1 659-1996 Telecommunications - Mobility Management Application Protocol (MMAP) RCF-RACF Operations《电信 可移动管理应用协议(MMAP) RCF-RACF操作》.pdfANSI T1 659-1996 Telecommunications - Mobility Management Application Protocol (MMAP) RCF-RACF Operations《电信 可移动管理应用协议(MMAP) RCF-RACF操作》.pdf
  • ANSI T1 651-1996 Telecommunications – Mobility Management Application Protocol (MMAP)《电信 可移动性管理应用协议》.pdfANSI T1 651-1996 Telecommunications – Mobility Management Application Protocol (MMAP)《电信 可移动性管理应用协议》.pdf
  • ANSI T1 609-1999 Interworking between the ISDN User-Network Interface Protocol and the Signalling System Number 7 ISDN User Part《电信 ISDN用户间网络接口协议和7号信令系统ISDN用户部分.pdfANSI T1 609-1999 Interworking between the ISDN User-Network Interface Protocol and the Signalling System Number 7 ISDN User Part《电信 ISDN用户间网络接口协议和7号信令系统ISDN用户部分.pdf
  • ANSI T1 605-1991 Integrated Services Digital Network (ISDN) - Basic Access Interface for S and T Reference Points (Layer 1 Specification)《综合服务数字网络(ISDN) S和T基准点的.pdfANSI T1 605-1991 Integrated Services Digital Network (ISDN) - Basic Access Interface for S and T Reference Points (Layer 1 Specification)《综合服务数字网络(ISDN) S和T基准点的.pdf
  • 猜你喜欢
  • BS ISO IEC 29341-24-1-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Internet gateway device《信息技术 UPnP设备体系结构 互联网网关设备.pdf BS ISO IEC 29341-24-1-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Internet gateway device《信息技术 UPnP设备体系结构 互联网网关设备.pdf
  • BS ISO IEC 29341-24-10-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network internet protocol Connection.pdf BS ISO IEC 29341-24-10-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network internet protocol Connection.pdf
  • BS ISO IEC 29341-24-11-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network internet protocol v6 Firewal.pdf BS ISO IEC 29341-24-11-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network internet protocol v6 Firewal.pdf
  • BS ISO IEC 29341-24-2-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network connection device《信息技术 UPnP设备.pdf BS ISO IEC 29341-24-2-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network connection device《信息技术 UPnP设备.pdf
  • BS ISO IEC 29341-24-3-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network device《信息技术 UPnP设备体系结构 互联网网关设.pdf BS ISO IEC 29341-24-3-2017 Information technology UPnP Device Architecture Internet gateway device control protocol Level 2 Wide area network device《信息技术 UPnP设备体系结构 互联网网关设.pdf
  • BS ISO IEC 29341-26-1-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Telephony architecture《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 电话.pdf BS ISO IEC 29341-26-1-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Telephony architecture《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 电话.pdf
  • BS ISO IEC 29341-26-10-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Call management service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 .pdf BS ISO IEC 29341-26-10-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Call management service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 .pdf
  • BS ISO IEC 29341-26-11-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Media management service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级.pdf BS ISO IEC 29341-26-11-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Media management service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级.pdf
  • BS ISO IEC 29341-26-12-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Messaging service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 信息服务》.pdf BS ISO IEC 29341-26-12-2017 Information technology UPnP Device Architecture Telephony device control protocol Level 2 Messaging service《信息技术 UPnP设备体系结构 电话设备控制协议 第2级 信息服务》.pdf
  • 相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > ANSI

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1