Information technology — Security techniques — Entity authentication — Part 3: Mechanisms using digital signature techniques

Technologies de l'information — Techniques de sécurité — Authentification d'entité — Partie 3: Mécanismes utilisant des techniques de signature numériques

General Information
Status: Withdrawn
Publication date: 14-Oct-1998
Withdrawal date: 14-Oct-1998
Current stage: 9599 - Withdrawal of International Standard
Completion date: 30-Jan-2019

Buy Standard
ISO/IEC 9798-3:1998 - Information technology -- Security techniques -- Entity authentication (English language, 6 pages)

Standards Content (Sample)

INTERNATIONAL STANDARD ISO/IEC 9798-3
Second edition
1998-10-15
Information technology - Security techniques - Entity authentication -
Part 3: Mechanisms using digital signature techniques
Reference number ISO/IEC 9798-3:1998(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.

In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75% of the national bodies casting a vote.

International Standard ISO/IEC 9798-3 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC27, IT Security techniques.

This second edition cancels and replaces the first edition (ISO/IEC 9798-3:1993), which has been technically revised. Note, however, that implementations which comply with ISO/IEC 9798-3 (1st edition) will be compliant with ISO/IEC 9798-3 (2nd edition).

ISO/IEC 9798 consists of the following parts, under the general title Information technology - Security techniques - Entity authentication:
- Part 1: General
- Part 2: Mechanisms using symmetric encipherment algorithms
- Part 3: Mechanisms using digital signature techniques
- Part 4: Mechanisms using a cryptographic check function
- Part 5: Mechanisms using zero knowledge techniques
Further parts may follow.

Annex A of this part of ISO/IEC 9798 is for information only.

© ISO/IEC 1998
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher.
ISO/IEC Copyright Office, Case postale 56, CH-1211 Genève 20, Switzerland
Printed in Switzerland

INTERNATIONAL STANDARD © ISO/IEC
Information technology - Security techniques - Entity authentication -
Part 3: Mechanisms using digital signature techniques

1 Scope

This part of ISO/IEC 9798 specifies entity authentication mechanisms using digital signatures based on asymmetric techniques. Two mechanisms are concerned with the authentication of a single entity (unilateral authentication), while the remaining are mechanisms for mutual authentication of two entities. A digital signature is used to verify the identity of an entity. A trusted third party may be involved.

The mechanisms specified in this part of ISO/IEC 9798 use time variant parameters such as time stamps, sequence numbers, or random numbers, to prevent valid authentication information from being accepted at a later time.

If a time stamp or a sequence number is used, one pass is needed for unilateral authentication, while two passes are needed to achieve mutual authentication. If a challenge and response method employing random numbers is used, two passes are needed for unilateral authentication, while three or four passes (depending on the mechanism employed) are required to achieve mutual authentication.

2 Normative reference

The following standard contains provisions which, through reference in this text, constitute provisions of this part of ISO/IEC 9798. At the time of publication, the edition indicated was valid. All standards are subject to revision, and parties to agreements based on this part of ISO/IEC 9798 are encouraged to investigate the possibility of applying the most recent edition of the standard indicated below. Members of IEC and ISO maintain registers of currently valid International Standards.

ISO/IEC 9798-1:1997, Information technology - Security techniques - Entity authentication - Part 1: General.

3 Definitions and notation

For the purposes of this part of ISO/IEC 9798 the definitions and notation described in ISO/IEC 9798-1 apply.

4 Requirements

In the authentication mechanisms specified in this part of ISO/IEC 9798 an entity to be authenticated corroborates its identity by demonstrating its knowledge of its private signature key. This is achieved by the entity using its private signature key to sign specific data. The signature can be verified by anyone using the entity's public verification key.

The authentication mechanisms have the following requirements:
a) A verifier shall possess the valid public key of the claimant, i.e., of the entity that the claimant claims to be.
b) A claimant shall have a private signature key known and used only by the claimant.

If either of these is not satisfied then the authentication process may be compromised or it cannot be completed successfully.

NOTES
1 One way of obtaining a valid public key is by means of a certificate (see Annex C of ISO/IEC 9798-1). The generation, distribution, and revocation of certificates are outside the scope of this part of ISO/IEC 9798. There may exist a trusted third party for this purpose. Another way of obtaining a valid public key is by trusted courier.
2 References to digital signature schemes are contained in Annex D of ISO/IEC 9798-1.

5 Mechanisms

The specified entity authentication mechanisms make use of time variant parameters such as time stamps, sequence numbers or random numbers (see Annex B of ISO/IEC 9798-1 and Note 1 below).

Throughout this part of ISO/IEC 9798, tokens have the following form:

Token = X1 || ... || Xi || sSA(Y1 || ... || Yj)

In this part of ISO/IEC 9798, the term "signed data" refers to "Y1 || ... || Yj" used as input to the signature scheme and the term "unsigned data" refers to "X1 || ... || Xi".

If information contained in the signed data of the token can be recovered from the signature, then it need not be contained in the unsigned data of the token (see, for example, ISO/IEC 9796).

If information contained in the text field of the signed data of the token cannot be recovered from the signature, then it shall be contained in the unsigned text field of the token.

If information in the signed data of the token (e.g., a random number) is already known to the verifier, then it need not be contained in the unsigned data of the token sent by the claimant.

All text fields specified in the following mechanisms are available for use in applications outside the scope of this part of ISO/IEC 9798 (they may be empty). Their relationship and contents depend upon the specific application. See Annex A for information on the use of text fields.

NOTES
1 The signing by one entity of a data block which has been manipulated by a second entity for some ulterior motive can be prevented by the first entity including its own random number in the data block which it signs. In this case, it is the unpredictability which prevents the signing of pre-defined data.
2 As the distribution of certificates is outside the scope of this part of ISO/IEC 9798, the sending of certificates is optional in all mechanisms.

5.1 Unilateral authentication

Unilateral authentication means that only one of the two entities is authenticated by use of the mechanism.

5.1.1 One pass authentication

In this authentication mechanism the claimant A initiates the process and is authenticated by the verifier B. Uniqueness / timeliness is controlled by generating and checking a time stamp or a sequence number (see Annex B of ISO/IEC 9798-1).

The authentication mechanism is illustrated in figure 1.

[Figure 1: (1) A sends CertA || TokenAB to B; (2) is carried out by B]

The form of the token (TokenAB), sent by the claimant A to the verifier B is:

TokenAB = TA/NA || B || Text2 || sSA(TA/NA || B || Text1),

where the claimant A uses either a sequence number NA or a time stamp TA as the time variant parameter. The choice depends on the technical capabilities of the claimant and the verifier as well as on the environment.

NOTES
1 The inclusion of the identifier B in the signed data of TokenAB is necessary to prevent the token from being accepted by anyone other than the intended verifier.
2 In general, Text2 is not authenticated by this process.
3 One application of this mechanism could be key distribution (see Annex A of ISO/IEC 9798-1).

(1) A sends TokenAB and, optionally, its certificate to B.
(2) On receipt of the message containing TokenAB, B performs the following steps:
  i  It ensures that it is in possession of a valid public key of A either by verifying the certificate of A or by some other means.
  ii It verifies TokenAB by verifying the signature of A contained in the token, by checking the time stamp or the sequence number, and by checking that the value of the identifier field (B) in the signed data of TokenAB is equal to entity B's distinguishing identifier.

5.1.2 Two pass authentication

In this authentication mechanism the claimant A is authenticated by the verifier B who initiates the process. Uniqueness / timeliness is controlled by generating and checking a random number RB (see Annex B of ISO/IEC 9798-1).

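The one-pass unilateral mechanism of 5.1.1, as an added example that is not part of the standard's text: claimant A builds TokenAB = TA || B || Text2 || sSA(TA || B || Text1) and verifier B carries out step (2)ii, including the identifier check of Note 1. It assumes Ed25519 for sSA, the time-stamp variant TA (the sequence-number variant NA is not shown), a length-prefixed byte encoding for the concatenation, and that B already holds a valid public key of A (step (2)i) and knows Text1.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Token carries TokenAB = TA || B || Text2 || sSA(TA || B || Text1) of 5.1.1; Text1 is not sent, B must already know it.
type Token struct {
	TA    int64  // time stamp chosen by claimant A (Unix seconds)
	B     string // distinguishing identifier of the intended verifier
	Text2 []byte // unsigned text field (not authenticated, Note 2)
	Sig   []byte // sSA(TA || B || Text1)
}
// signedData serialises TA || B || Text1 with length prefixes so the
// concatenation is unambiguous (an assumption; the standard fixes no encoding).
func signedData(ta int64, b string, text1 []byte) []byte {
	out := binary.BigEndian.AppendUint64(nil, uint64(ta))
	for _, f := range [][]byte{[]byte(b), text1} {
		out = append(binary.BigEndian.AppendUint32(out, uint32(len(f))), f...)
	}
	return out
}
// MakeToken is message (1): A signs TA || B || Text1 with its private signature key.
func MakeToken(privA ed25519.PrivateKey, ta int64, b string, text1, text2 []byte) Token {
	return Token{TA: ta, B: b, Text2: text2, Sig: ed25519.Sign(privA, signedData(ta, b, text1))}
}
// VerifyToken is step (2)ii (step (2)i, B obtaining a valid public key of A, is the caller's job);
// the signature is verified over tok.B, so the identifier check applies to the signed data.
func VerifyToken(pubA ed25519.PublicKey, self string, text1 []byte, tok Token, now, window int64) error {
	if tok.B != self {
		return errors.New("identifier in token is not this verifier (Note 1)")
	}
	if d := now - tok.TA; d < -window || d > window {
		return errors.New("time stamp outside acceptance window")
	}
	if !ed25519.Verify(pubA, signedData(tok.TA, tok.B, text1), tok.Sig) {
		return errors.New("signature of A does not verify")
	}
	return nil
}

func main() { // constructed run: A stamps TA=1000, B checks at now=1010 with a 60 s window
	pubA, privA, _ := ed25519.GenerateKey(rand.Reader)
	tok := MakeToken(privA, 1000, "B", nil, []byte("Text2"))
	fmt.Println("B accepts:", VerifyToken(pubA, "B", nil, tok, 1010, 60) == nil)
}
```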
The authentication mechanism is illustrated in figure 2.

[Figure 2: (1) B sends RB || Text1 to A; the remaining message and step labels are not legible in the sample]

The form of the token (TokenAB), sent by the claimant
...

The mechanism specified in 5.2.3 uses four messages which, however, need not all be sent consecutively. In this way the authentication process may be speeded up.

5.2.1 Two pass authentication

In this authentication mechanism uniqueness / timeliness is controlled by generating and checking time stamps or sequence numbers (see Annex B of
