ISO/IEC 14888-3:2006/Amd 2:2012
(Amendment)Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms — Amendment 2: Optimizing hash inputs
Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms — Amendment 2: Optimizing hash inputs
Technologies de l'information — Techniques de sécurité — Signatures numériques avec appendice — Partie 3: Mécanismes basés sur un logarithme discret — Amendement 2: Optimisation des entrées pour la fonction de hachage
General Information
Relations
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 14888-3
Second edition
2006-11-15
AMENDMENT 2
2012-07-01
Information technology — Security
techniques — Digital signatures with
appendix —
Part 3:
Discrete logarithm based mechanisms
AMENDMENT 2: Optimizing hash inputs
Technologies de l'information — Techniques de sécurité — Signatures
numériques avec appendice —
Partie 3: Mécanismes basés sur un logarithme discret
AMENDEMENT 2: Optimisation des entrées pour la fonction de
hachage
Reference number
ISO/IEC 14888-3:2006/Amd.2:2012(E)
©
ISO/IEC 2012
---------------------- Page: 1 ----------------------
ISO/IEC 14888-3:2006/Amd.2:2012(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2012 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 14888-3:2006/Amd.2:2012(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 2 to ISO/IEC 14888-3:2006 was prepared by Joint Technical Committee ISO/IEC JTC 1,
Information technology, Subcommittee SC 27, IT Security techniques.
It introduces an optimization for the Schnorr Elliptic Curve Digital Signature Algorithms specified in
ISO/IEC 14888-3:2006/Amd.1:2010. Whereas this optimization is described in an informative (only) note of
ISO/IEC 14888-3:2006/Amd.1:2010, Amendment 2 makes the optimization a normative option. It also corrects
various errata in Annexes E and F and updates the date of a reference in the Bibliography.
© ISO/IEC 2012 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 14888-3:2006/Amd.2:2012(E)
Information technology — Security techniques — Digital
signatures with appendix —
Part 3:
Discrete logarithm based mechanisms
AMENDMENT 2: Optimizing hash inputs
Subclause 6.9.1, Introduction to EC-SDSA
Replace the text in 6.9.1 with the following:
EC-SDSA (Elliptic Curve Schnorr Digital Signature Algorithm) is a signature mechanism with verification key Y
= [X]G; that is, the parameter D is equal to 1. The message is prepared such that M2 is empty and M1 = M the
message to be signed. The witness R is computed as a hash-code of the message M and a random pre-
signature = [K]G, by one of two methods, either
normal R = h(FE2BS( ) || FE2BS( ) || M)
X Y
or
optimized R = h(FE2BS( ) || M).
X
The first method generates the witness by hashing the concatenation of the x-coordinate of , the y-
coordinate of and the message M. The second method omits the y-coordinate from the hash calculation and
thereby improves performance.
The second method is an optimized variant of EC-SDSA (see [40]).
Subclause 6.9.4.4, Computing the witness
Replace the text in 6.9.4.4 with the
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.