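ISO/IEC 14888-2:2008 Information technology — Security techniques — Digital signatures with appendix — Part 2: Integer factorization based mechanisms
Standard number: ISO/IEC 14888-2:2008
Chinese title: 信息技术 安全技术 带附件的数字签名 第2部分:以整数分解为基础的机制
English title: Information technology — Security techniques — Digital signatures with appendix — Part 2: Integer factorization based mechanisms
Publication date: 2008-04
Scope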
ISO/IEC 14888 specifies digital signature with appendix. As no part of the message is recovered from the signature (the recoverable part of the message is empty), the signed message consists of the signature and the whole message.
NOTE ISO/IEC 9796 specifies digital signature giving message recovery. As all or part of the message is recovered from the signature, the recoverable part of the message is not empty. The signed message consists of either the signature only (when the non-recoverable part of the message is empty), or both the signature and the non-recoverable part.
ISO/IEC 14888-2:2008 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies:
- the relationships and constraints between all the data elements required for signing and verifying;
- a signature mechanism, i.e. how to produce a signature of a message with the data elements required for signing;
- a verification mechanism, i.e. how to verify a signature of a message with the data elements required for verifying.
The title of ISO/IEC 14888-2 has changed from Identity-based mechanisms (first edition) to Integer factorization based mechanisms (second edition).
- ISO/IEC 14888-2:2008 includes the identity-based scheme specified in ISO/IEC 14888-2:1999, namely the GQ1 scheme. This scheme has been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999.
- Among the certificate-based schemes specified in ISO/IEC 14888-3:1998, it includes all the schemes based on the difficulty of factoring the modulus in use, namely, the RSA, RW and ESIGN schemes. These schemes have been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999.
- It takes into account ISO/IEC 14888-3:1998/Cor.1:2001, technical corrigendum of the ESIGN scheme.
- It includes a format mechanism, namely the PSS mechanism, also specified in ISO/IEC 9796-2:2002, and details of how to use it in each of the RSA, RW, GQ1 and ESIGN schemes.
- It includes new certificate-based schemes that use no format mechanism, namely, the GQ2, GPS1 and GPS2 schemes.
- For each scheme and its options, as needed, it provides an object identifier.