Information security -- Redaction of authentic data

This document specifies properties of cryptographic mechanisms to redact authentic data. In particular, it defines the processes involved in those mechanisms, the participating parties, and the cryptographic properties.

Sécurité de l'information -- Rédaction de données authentifiées

General Information

Status
Published
Publication Date
17-Mar-2021
Current Stage
5060 - Close of voting Proof returned by Secretariat
Start Date
26-Feb-2021
Completion Date
26-Feb-2021
Ref Project

Buy Standard

Standard
ISO/IEC 23264-1:2021 - Information security -- Redaction of authentic data
English language
11 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/IEC PRF 23264-1:Version 05-feb-2021 - Information security -- Redaction of authentic data
English language
11 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO/IEC
STANDARD 23264-1
First edition
2021-03
Information security — Redaction of
authentic data —
Part 1:
General
Sécurité de l'information — Rédaction de données authentifiées —
Partie 1: Généralités
Reference number
ISO/IEC 23264-1:2021(E)
ISO/IEC 2021
---------------------- Page: 1 ----------------------
ISO/IEC 23264-1:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 23264-1:2021(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Symbols and conventions ............................................................................................................................................................................ 5

4.1 Symbols ......................................................................................................................................................................................................... 5

4.2 Conventions ............................................................................................................................................................................................... 5

5 General model and processes ................................................................................................................................................................. 5

5.1 General ........................................................................................................................................................................................................... 5

5.2 Parties and processes ........................................................................................................................................................................ 5

5.3 General model .......................................................................................................................................................................................... 6

5.4 Specification of processes.............................................................................................................................................................. 7

5.4.1 Key generation process .............................................................................................................................................. 7

5.4.2 Redactable attestation process............................................................................................................................ 7

5.4.3 Redaction process ........................................................................................................................................................... 8

5.4.4 Verification process ....................................................................................................................................................... 8

6 Cryptographic properties of redactable attestation schemes ............................................................................... 9

6.1 Required cryptographic properties ...................................................................................................................................... 9

6.1.1 Correctness ........................................................................................................................................................................... 9

6.1.2 Unforgeability ..................................................................................................................................................................... 9

6.1.3 Privacy ...................................................................................................................................................................................... 9

6.2 Optional cryptographic properties .....................................................................................................................................10

6.2.1 Undetectability of redactions .............................................................................................................................10

6.2.2 Detectability of redactions ...................................................................................................................................10

6.2.3 Unlinkability of redactions ...................................................................................................................................10

6.2.4 Disclosure control ........................................................................................................................................................10

6.2.5 Consecutive redaction control ..........................................................................................................................10

6.2.6 Mergeability ......................................................................................................................................................................10

Bibliography .............................................................................................................................................................................................................................11

© ISO/IEC 2021 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 23264-1:2021(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that

are members of ISO or IEC participate in the development of International Standards through

technical committees established by the respective organization to deal with particular fields of

technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other

international organizations, governmental and non-governmental, in liaison with ISO and IEC, also

take part in the work.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC

list of patent declarations received (see http:// patents .iec .ch).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.

This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 27, Information security, cybersecurity and privacy protection.
A list of all parts in the ISO/IEC 23264 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
iv © ISO/IEC 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 23264-1:2021(E)
Introduction

Digital attestation schemes, in particular digital signature schemes or message authentication codes,

can be used to provide data integrity and data origin authentication. A redactable attestation scheme

enables the attestation of a message in such a way that, if certain parts of the attested message (known

as fields) are redacted (erased, blanked out or permanently removed), the attestation of the redacted

message can still be verified. More precisely, upon attesting a message, the attestor knowing the

private attestation key can define which parts of the message can later be redacted (in the sense of

ISO/IEC 27038) by any entity only knowing the message, the attestation, and the attestor’s redaction

key. Any other modification of the attested message (e.g. redaction of other message parts or insertion/

modification of any parts) invalidates the attestation.

Redactable attestation schemes are a basic building block in many privacy-preserving applications,

such as privacy-preserving data sharing or authentication, where an entity can decide to only reveal

the information that is absolutely necessary to forward to a receiver, while the latter is still assured

that the received information was previously attested, e.g. by a public authority.

The goal of the ISO/IEC 23264 series is to remedy existing incompatibilities or inconsistently defined

properties in existing specifications of such schemes, and to ease the real-world adoption of this

technology. Specifically, the goal of this document is to lay the foundations for subsequent parts (e.g.

focusing on concrete algorithms for the authenticity-preserving redaction of specific document formats

like text, pictures, video, etc.) by specifying and defining common terminology and properties for such

schemes.

The ISO/IEC 23264 series complements ISO/IEC 27038, which specifies the redaction of digital

documents without addressing the authenticity of the data.
© ISO/IEC 2021 – All rights reserved v
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 23264-1:2021(E)
Information security — Redaction of authentic data —
Part 1:
General
1 Scope

This document specifies properties of cryptographic mechanisms to redact authentic data. In particular,

it defines the processes involved in those mechanisms, the participating parties, and the cryptographic

properties.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
admissible changes

description of all possible modifications of a message (3.12) attested with a redactable attestation

scheme (3.16) that can be applied within the redaction process (3.23) without invalidating the resulting

redacted attestation (3.18)

Note 1 to entry: The set of admissible changes is called non-trivial, if the admissible changes allow for at least one

modification of the original message yielding a redacted message different from the original message.

Note 2 to entry: In the context of this document, the possible modifications of a message are limited to removal of

some fields of a message.
3.2
attestation key
private attestation key

secret data item specific to an attestor (3.4) and usable only by this entity in the redactable attestation

process (3.15)

Note 1 to entry: Except for the term “redactable attestation process” instead of “signature process”, this definition

is consistent with “signature key” as defined in ISO/IEC 14888-1:2008, 3.13.
3.3
attested message

set of data items consisting of the redactable attestation (3.14), the admissible changes (3.1) and the

fields (3.10) of the message (3.12) which are attested

Note 1 to entry: Depending on the instantiation, if not all admissible changes are part of the attested message,

then at least those admissible changes that are relevant for the verification process can be reconstructed from the

redactable attestation in combination with the fields of the message which are attested and the verification key.

© ISO/IEC 2021 – All rights reserved 1
---------------------- Page: 6 ----------------------
ISO/IEC 23264-1:2021(E)
3.4
attestor

entity using its private attestation key (3.2) to perform the redactable attestation process (3.15),

producing an attested message (3.3)
3.5
confidentiality

property that information is not made available or disclosed to unauthorized individuals, entities or

processes
[SOURCE: ISO/IEC 7498-2:1989, 3.3.16, modified — The article has been removed.]
3.6
data integrity
property that data has not been altered or destroyed in an unauthorized manner
[SOURCE: ISO/IEC 7498-2:1989, 3.3.21, modified — The article has been removed.]
3.7
digital attestation

data appended to, or a cryptographic transformation of, a message (3.12) that allows a recipient of the

data to verify the source and data integrity (3.6) of the message (3.12)
3.8
domain
set of entities operating under a single security policy

Note 1 to entry: In the context of this document, a domain contains all participating attestors, redactors and

verifiers.
[SOURCE: ISO/IEC 14888-1:2008, 3.4, modified — Note 1 to entry has been added.]
3.9
domain parameter

data item which is common to and known by or accessible to all entities within the domain (3.8)

[SOURCE: ISO/IEC 14888-1:2008, 3.5, modified — The article has been removed.]
3.10
field
sub-string of any length of the message (3.12)
3.11
key generation process
process for generating cryptographic keys
3.12
message
string of bits of any length

Note 1 to entry: In the context of this document, the message is always composed of one or several field(s). The

exact composition and a decomposition is always obtainable from the message.
[SOURCE: ISO/IEC 14888-1:2008, 3.10, modified — Note 1 to entry has been added.]
3.13
modification instruction

instruction that describes the message redaction, i.e. how a message (3.12) is to be redacted by the

redactor (3.24) within a redaction process (3.23)

Note 1 to entry: Modification instructions are called non-trivial if the message input to, and the message obtained

by, the redaction process are not identical.
2 © ISO/IEC 2021 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC 23264-1:2021(E)
3.14
redactable attestation
redactable digital attestation

data resulting from the redactable attestation process that is appended to a message (3.12) that allows

a recipient of this data to verify the source and integrity of the message (3.12)

Note 1 to entry: This string of bits may have an internal structure that is specific to the attestation mechanism.

3.15
redactable attestation process

process which takes as inputs the message (3.12), the private attestation key (3.2), the admissible changes

(3.1) and the domain parameters (3.9), and which outputs a redactable attestation (3.14)

3.16
redactable attestation scheme

set of processes that achieves digital attestation (3.7) and supports the creation and verification of

redactable attestations (3.14) together with a redaction process (3.23)
3.17
redacted admissible changes
admissible changes (3.1) that are the output of the redaction process (3.23)

Note 1 to entry: The redacted admissible changes are derived during the redaction process from the given

admissible changes by applying modification instructions.
3.18
redacted attestation
redacted digital attestation

attestation resulting from applying the redaction process (3.23) at least once with some modification

instructions (3.13)

Note 1 to entry: This string of bits may have an internal structure that is specific to the attestation mechanism.

3.19
redacted attested message

set of data items resulting from the redaction process (3.23) which consists of the redacted attestation

(3.18), the redacted admissible changes (3.17) and the redacted message (3.20) composed from those

fields (3.10) that have not been subject to any redaction

Note 1 to entry: Depending on the instantiation, if not all redacted admissible changes are part of the redacted

attested message, then at least those redacted admissible changes that are relevant for the verification process

can be reconstructed from the redacted attestation in combination with the redacted message and the

verification key.
3.20
redacted message
message (3.12) that is the output from the redaction process (3.23)
3.21
redaction

removal of a field (3.10) such that it results in the irreversible and permanent removal of information

contained within that field from the message (3.12)

Note 1 to entry: The removal of a field only removes the information contained within that field. Information that

can be derived from other fields of the message or from other sources is not removed.

© ISO/IEC 2021 – All rights reserved 3
---------------------- Page: 8 ----------------------
ISO/IEC 23264-1:2021(E)
3.22
redaction key

set of public data elements which is related to an attestor’s (3.4) private attestation key (3.2) and which

is used by the redactor (3.24) in the redaction process (3.23)

Note 1 to entry: Depending on the instantiation, the redaction key may be private or public. In any case,

knowledge of the redaction key does not result in information about the attestor’s private attestation key.

3.23
redactio
...

INTERNATIONAL ISO/IEC
STANDARD 23264-1
First edition
Information security — Redaction of
authentic data —
Part 1:
General
Sécurité de l'information — Rédaction de données authentifées —
Partie 1: Généralités
PROOF/ÉPREUVE
Reference number
ISO/IEC 23264-1:2021(E)
ISO/IEC 2021
---------------------- Page: 1 ----------------------
ISO/IEC 23264-1:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii PROOF/ÉPREUVE © ISO/IEC 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 23264-1:2021(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Symbols and conventions ............................................................................................................................................................................ 5

4.1 Symbols ......................................................................................................................................................................................................... 5

4.2 Conventions ............................................................................................................................................................................................... 5

5 General model and processes ................................................................................................................................................................. 5

5.1 General ........................................................................................................................................................................................................... 5

5.2 Parties and processes ........................................................................................................................................................................ 5

5.3 General model .......................................................................................................................................................................................... 6

5.4 Specification of processes.............................................................................................................................................................. 7

5.4.1 Key generation process .............................................................................................................................................. 7

5.4.2 Redactable attestation process............................................................................................................................ 7

5.4.3 Redaction process ........................................................................................................................................................... 8

5.4.4 Verification process ....................................................................................................................................................... 8

6 Cryptographic properties of redactable attestation schemes ............................................................................... 9

6.1 Required cryptographic properties ...................................................................................................................................... 9

6.1.1 Correctness ........................................................................................................................................................................... 9

6.1.2 Unforgeability ..................................................................................................................................................................... 9

6.1.3 Privacy ...................................................................................................................................................................................... 9

6.2 Optional cryptographic properties .....................................................................................................................................10

6.2.1 Undetectability of redactions .............................................................................................................................10

6.2.2 Detectability of redactions ...................................................................................................................................10

6.2.3 Unlinkability of redactions ...................................................................................................................................10

6.2.4 Disclosure control ........................................................................................................................................................10

6.2.5 Consecutive redaction control ..........................................................................................................................10

6.2.6 Mergeability ......................................................................................................................................................................10

Bibliography .............................................................................................................................................................................................................................11

© ISO/IEC 2021 – All rights reserved PROOF/ÉPREUVE iii
---------------------- Page: 3 ----------------------
ISO/IEC 23264-1:2021(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that

are members of ISO or IEC participate in the development of International Standards through

technical committees established by the respective organization to deal with particular fields of

technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other

international organizations, governmental and non-governmental, in liaison with ISO and IEC, also

take part in the work.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC

list of patent declarations received (see http:// patents .iec .ch).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.

This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 27, Information security, cybersecurity and privacy protection.
A list of all parts in the ISO/IEC 23264 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
iv PROOF/ÉPREUVE © ISO/IEC 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 23264-1:2021(E)
Introduction

Digital attestation schemes, in particular digital signature schemes or message authentication codes,

can be used to provide data integrity and data origin authentication. A redactable attestation scheme

enables the attestation of a message in such a way that, if certain parts of the attested message (known

as fields) are redacted (erased, blanked out or permanently removed), the attestation of the redacted

message can still be verified. More precisely, upon attesting a message, the attestor knowing the

private attestation key can define which parts of the message can later be redacted (in the sense of

ISO/IEC 27038) by any entity only knowing the message, the attestation, and the attestor’s redaction

key. Any other modification of the attested message (e.g. redaction of other message parts or insertion/

modification of any parts) invalidates the attestation.

Redactable attestation schemes are a basic building block in many privacy-preserving applications,

such as privacy-preserving data sharing or authentication, where a entity can decide to only reveal the

information that is absolutely necessary to forward to a receiver, while the latter is still assured that

the received information was previously attested, e.g. by a public authority.

The goal of the ISO/IEC 23264 series is to remedy existing incompatibilities or inconsistently defined

properties in existing specifications of such schemes, and to ease the real-world adoption of this

technology. Specifically, the goal of this document is to lay the foundations for subsequent parts (e.g.

focusing on concrete algorithms for the authenticity-preserving redaction of specific document formats

like text, pictures, video, etc.) by specifying and defining common terminology and properties for such

schemes.

The ISO/IEC 23264 series complements ISO/IEC 27038, which specifies the redaction of digital

documents without addressing the authenticity of the data.
© ISO/IEC 2021 – All rights reserved PROOF/ÉPREUVE v
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 23264-1:2021(E)
Information security — Redaction of authentic data —
Part 1:
General
1 Scope

This document specifies properties of cryptographic mechanisms to redact authentic data. In particular,

it defines the processes involved in those mechanisms, the participating parties, and the cryptographic

properties.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
admissible changes

description of all possible modifications of a message (3.12) attested with a redactable attestation

scheme (3.16) that can be applied within the redaction process (3.23) without invalidating the resulting

redacted attestation (3.18)

Note 1 to entry: The set of admissible changes is called non-trivial, if the admissible changes allow for at least one

modification of the original message yielding a redacted message different from the original message.

Note 2 to entry: In the context of this document, the possible modifications of a message are limited to removal of

some fields of a message.
3.2
attestation key
private attestation key

secret data item specific to an attestor (3.4) and usable only by this entity in the redactable attestation

process (3.15)

Note 1 to entry: Except for the term “redactable attestation process” instead of “signature process”, this definition

is consistent with “signature key” as defined in ISO/IEC 14888-1:2008, 3.13.
3.3
attested message

set of data items consisting of the redactable attestation (3.14), the admissible changes (3.1) and the

fields (3.10) of the message (3.12) which are attested

Note 1 to entry: Depending on the instantiation, if not all admissible changes are part of the attested message,

then at least those admissible changes that are relevant for the verification process can be reconstructed from the

redactable attestation in combination with the fields of the message which are attested and the verification key.

© ISO/IEC 2021 – All rights reserved PROOF/ÉPREUVE 1
---------------------- Page: 6 ----------------------
ISO/IEC 23264-1:2021(E)
3.4
attestor

entity using its private attestation key (3.2) to perform the redactable attestation process (3.15),

producing an attested message (3.3)
3.5
confidentiality

property that information is not made available or disclosed to unauthorized individuals, entities or

processes
[SOURCE: ISO/IEC 7498-2:1989, 3.3.16, modified — The article has been removed.]
3.6
data integrity
property that data has not been altered or destroyed in an unauthorized manner
[SOURCE: ISO/IEC 7498-2:1989, 3.3.21, modified — The article has been removed.]
3.7
digital attestation

data appended to, or a cryptographic transformation of, a message (3.12) that allows a recipient of the

data to verify the source and data integrity (3.6) of the message (3.12)
3.8
domain
set of entities operating under a single security policy

Note 1 to entry: In the context of this document, a domain contains all participating attestors, redactors and

verifiers.
[SOURCE: ISO/IEC 14888-1:2008, 3.4, modified — Note 1 to entry has been added.]
3.9
domain parameter

data item which is common to and known by or accessible to all entities within the domain (3.8)

[SOURCE: ISO/IEC 14888-1:2008, 3.5, modified — The article has been removed.]
3.10
field
sub-string of any length of the message (3.12)
3.11
key generation process
process for generating cryptographic keys
3.12
message
string of bits of any length

Note 1 to entry: In the context of this document, the message is always composed of one or several field(s). The

exact composition and a decomposition is always obtainable from the message.
[SOURCE: ISO/IEC 14888-1:2008, 3.10, modified — Note 1 to entry has been added.]
3.13
modification instruction

instruction that describes the message redaction, i.e. how a message (3.12) is to be redacted by the

redactor (3.24) within a redaction process (3.23)

Note 1 to entry: Modification instructions are called non-trivial if the message input to, and the message obtained

by, the redaction process are not identical.
2 PROOF/ÉPREUVE © ISO/IEC 2021 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC 23264-1:2021(E)
3.14
redactable attestation
redactable digital attestation

data resulting from the redactable attestation process that is appended to a message (3.12) that allows

a recipient of this data to verify the source and integrity of the message (3.12)

Note 1 to entry: This string of bits may have an internal structure that is specific to the attestation mechanism.

3.15
redactable attestation process

process which takes as inputs the message (3.12), the private attestation key (3.2), the admissible changes

(3.1) and the domain parameters (3.9), and which outputs a redactable attestation (3.14)

3.16
redactable attestation scheme

set of processes that achieves digital attestation (3.7) and supports the creation and verification of

redactable attestations (3.14) together with a redaction process (3.23)
3.17
redacted admissible changes
admissible changes (3.1) that are the output of the redaction process (3.23)

Note 1 to entry: The redacted admissible changes are derived during the redaction process from the given

admissible changes by applying modification instructions.
3.18
redacted attestation
redacted digital attestation

attestation resulting from applying the redaction process (3.23) at least once with some modification

instructions (3.13)

Note 1 to entry: This string of bits may have an internal structure that is specific to the attestation mechanism.

3.19
redacted attested message

set of data items resulting from the redaction process (3.23) which consists of the redacted attestation

(3.18), the redacted admissible changes (3.17) and the redacted message (3.20) composed from those

fields (3.10) that have not been subject to any redaction

Note 1 to entry: Depending on the instantiation, if not all redacted admissible changes are part of the redacted

attested message, then at least those redacted admissible changes that are relevant for the verification process

can be reconstructed from the redacted attestation in combination with the redacted message and the

verification key.
3.20
redacted message
message (3.12) that is the output from the redaction process (3.23)
3.21
redaction

removal of a field (3.10) such that it results in the irreversible and permanent removal of information

contained within that field from the message (3.12)

Note 1 to entry: The removal of a field only removes the information contained within that field. Information that

can be derived from other fields of the message or from other sources is not removed.

© ISO/IEC 2021 – All rights reserved PROOF/ÉPREUVE 3
---------------------- Page: 8 ----------------------
ISO/IEC 23264-1:2021(E)
3.22
redaction key

set of public data elements which is related to an attestor’s (3.4) private attestation key (3.2) and which

is used by the redactor (3.24) in the redaction process (3.23)

Note 1 to entry: Depending on the instantiation, the redaction key may be private or public. In any case,

knowledge of the redaction key does not result in information about the attestor’s private attestation key.

3.23
redaction process
process w
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.