ISO/IEC 20008-2:2013/Amd 1:2021

Overview

ISO/IEC 20008-2:2013/Amd 1:2021 is an important amendment to the international standard focusing on information technology security. This standard specifically addresses anonymous digital signatures, with emphasis on mechanisms that utilize a group public key. It is developed by the Joint Technical Committee ISO/IEC JTC 1, Subcommittee SC 27, which specializes in information security, cybersecurity, and privacy protection.

The amendment enhances the original 2013 edition by adding object identifiers, defining special hash functions, introducing comprehensive security guidelines, comparing revocation mechanisms, and providing numerical examples for the digital signature mechanisms. It also includes a technique for proof of correct generation for certain signature mechanisms and clarifies restrictions on the use of specific mechanisms.

Key Topics

• Anonymous Digital Signatures: Techniques enabling users to sign digital data without revealing their identity, preserving privacy and anonymity.
• Group Public Key Mechanisms: Cryptographic methods that use a shared group key to validate signatures while ensuring anonymity within the group.
• Object Identifiers (OIDs): Unique identifiers specified for the anonymous digital signature mechanisms to standardize implementation and interoperability.
• Special Hash Functions: Defined for use within these mechanisms to ensure secure and reliable digital signature generation and verification.
• Security Guidelines: Best practices and considerations for securely implementing anonymous digital signature schemes.
• Revocation Mechanisms: Methods for managing and invalidating membership or signing rights, vital for maintaining group security.
• Numerical Examples: Practical illustrations of signature generation and verification to assist developers and implementers.
• Proof of Correct Generation: Techniques ensuring that signatures are reliably produced according to the defined standards.
• Usage Restrictions: Clarifications on particular mechanisms, such as Mechanism 6, which should only be used where the issuer and opener are the same trusted entity, to prevent risks to anonymity.

Applications

ISO/IEC 20008-2:2013/Amd 1:2021 serves as a foundational resource for organizations and developers implementing secure anonymous digital signature systems where group-based identity management is required. Practical applications include:

• Privacy-Preserving Authentication: Enabling anonymous credentials in digital identity systems, protecting user privacy while allowing verification.
• Secure Group Communications: Facilitating confidential signing in group environments such as online committees, boards, and federations.
• E-Governance and Voting Systems: Providing secure, anonymous digital signatures for electronic ballots and decision-making while preventing fraud.
• Confidential Transactions: Enabling financial and contractual signing where signer anonymity is critical.
• Access Control and Authorization: Where group-based credentials control access without revealing individual identities.

Related Standards

• ISO/IEC 20008-1:2013 - Information technology – Security techniques – Anonymous digital signatures – Part 1: General (provides overarching principles).
• ISO/IEC 27000-series - Information security management systems and technologies related to security governance.
• Other cryptographic standards developed by ISO/IEC JTC 1/SC 27 addressing privacy, authentication, and digital signature techniques.

This amendment builds upon the existing framework by refining the mechanisms ensuring stronger security, enhanced interoperability, and practical clarifications to support wider adoption in security-sensitive applications. For further technical details and updates, refer to the ISO website and the ISO patent declarations relevant to these cryptographic techniques.