ISO/IEC 7064:2003
(Main)Information technology — Security techniques — Check character systems
Information technology — Security techniques — Check character systems
ISO/IEC 7064:2002 specifies a set of check character systems capable of protecting strings against errors which occur when people copy or key data. The strings may be of fixed or variable length and may have character sets which are numeric (10 digits: 0 to 9); alphabetic (26 letters: A to Z); alphanumeric (letters and digits). Embedded spaces and special characters are ignored. ISO/IEC 7064:2002 specifies conformance requirements for products described as generating check characters or checking strings using the systems given in this International Standard. ISO/IEC 7064:2002 is for use in information interchange between organizations; it is also strongly recommended as good practice for internal information systems. The check character systems specified in ISO/IEC 7064:2002 can detect: all single substitution errors (the substitution of a single character for another, for example 4234 for 1234); all or nearly all single (local) transposition errors (the transposition of two single characters, either adjacent or with one character between them, for example 12354 or 12543 for 12345); all or nearly all shift errors (shifts of the whole string to the left or right); a high proportion of double substitution errors (two separate single substitution errors in the same string, for example 7234587 for 1234567); a high proportion of all other errors. ISO/IEC 7064:2002 excludes systems designed specifically to: permit both error detection and automatic correction; detect deliberate falsification; check strings interchanged solely between machines. ISO/IEC 7064:2002 specifies two types of systems: pure systems; hybrid systems. The pure systems use a single modulus for all stages of the calculation.
Technologies de l'information — Techniques de sécurité — Systèmes de caractères de contrôle
General Information
Relations
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 7064
First edition
2003-02-15
Information technology — Security
techniques — Check character systems
Technologies de l'information — Techniques de sécurité — Systèmes
de caractères de contrôle
Reference number
ISO/IEC 7064:2003(E)
©
ISO/IEC 2003
---------------------- Page: 1 ----------------------
ISO/IEC 7064:2003(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.
© ISO/IEC 2003
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2003 — All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 7064:2003(E)
Contents
1 Scope 1
2 Terms and definitions 1
3 Symbols and notation 2
4 Types of systems 2
4.1 Pure systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
4.2 Hybrid systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
5 Compliance and designation 2
5.1 Strings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
5.2 Check character generating products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
5.3 Checking products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
5.4 System designation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
6 Specification of pure systems 3
6.1 Formula . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
6.2 Calculation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
6.3 Check character position . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
7 Computational methods for pure systems with one check character 4
7.1 Pure system recursive method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
7.1.1 Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
7.1.2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7.2 Pure system polynomial method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7.2.1 Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7.2.2 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
8 Computational methods for pure systems with two check characters 6
8.1 Computation . 6
8.2 Example using recursive method . 6
8.3 Example using polynomial method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.4 Simplified procedure for ISO/IEC 7064, MOD 97–10 . . . . . . . . . . . . . . . . . . . . . . . . . . 7
9 Specification for hybrid systems 7
9.1 Formula . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.2 Check character position . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
10 Computational method for hybrid systems 8
10.1 Hybrid system recursive method . 8
10.1.1 Computation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
10.1.2 Example. 8
Annex A (informative) Criteria for the selection of check character systems for applications . . . . . 10
Annex B (informative) Check character systems for other alphabets . . . . . . . . . . . . . . . . . . . . . 12
Bibliography . . . . . . . . . . . . . . . . 13
© ISO/IEC 2003 — All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 7064:2003(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form
the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the
development of International Standards through technical committees established by the respective organization to deal
with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest.
Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International Standards
adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO
and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 7064 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee
SC 27, IT Security techniques.
This first edition of ISO/IEC 7064 cancels and replaces ISO 7064:1983, which has been technically revised. Note,
however, that implementations which comply with ISO 7064:1983 will be compliant with ISO/IEC 7064:2003.
iv © ISO/IEC 2003 — All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 7064:2003(E)
Introduction
The need for standardization of check character systems was determined by the following considerations:
a) of the multitude of systems in use, many have very similar characteristics, and much of the variety fails to
provide any significant benefit;
b) few of the existing systems have been thoroughly verified mathematically and several have serious defects;
c) the variety of systems undermines the economics of products which generate or validate check characters, and
frequently prevents the checking of interchanged data.
Therefore a small set of compatible systems were selected to cope with various application needs; they were
validated, and within the constraints of each application, offer high protection against typical transcription and
keying errors.
Existing check character systems as specified in ISO 2108, ISO 2894 and ISO 6166 are used in special application
fields (ISO 2894 has been withdrawn). These do not however, achieve the error detection rate of the systems
specified in this International Standard.
Annex A summarizes the criteria to be considered when selecting a check character system specified in this
International Standard for a particular application.
Annex B provides an example of a method by which this standard may be applied to an alphabet that has more
than 26 characters.
© ISO/IEC 2003 — All rights reserved v
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 7064:2003(E)
Information technology — Security techniques —
Check character systems
1 Scope a) permitbotherrordetectionandautomaticcorrec-
tion;
1.1 This International Standard specifies a set of
b) detect deliberate falsification; and
check character systems capable of protecting strings
against errors which occur when people copy or type
c) check strings interchanged solely between ma-
data. The strings may be of fixed or variable length
chines.
and may have character sets which are
1.5 This International Standard is for use in infor-
a) numeric (10 digits: 0 to 9);
mation interchange between organizations. It is also
strongly recommended for use in internal information
b) alphabetic (26 letters: A to Z); and
systems.
c) alphanumeric (letters and digits).
2 Terms and definitions
Embedded spaces and special characters are ignored.
For the purposes of this International Standard, the
1.2 This International Standard specifies confor-
following terms and definitions apply.
mance requirements for products described as gener-
ating check characters or checking strings using the
systems given in this International Standard.
2.1 check character: Added character which may
be used to verify the accuracy of the string by a
1.3 These check character systems can detect:
mathematical relationship to that string.
2.2 check character system: Set of rules for gen-
a) all single substitution errors (the substitution of a
erating check characters and checking strings in-
single character for another, for example “4234”
corporating check characters.
for “1234)”;
2.3 supplementary check character: Check
b) all or nearly all single (local) transposition errors
character which does not belong to the charac-
(thetranspositionoftwosinglecharacters, either
ter set of the strings which are to be protected.
adjacentorwithonecharacterbetweenthem, for
example “12354” or “12543” for “12345”);
2.4 modulus: Integer used as a divisor of an integer
dividendinordertoobtainanintegerremainder.
c) all or nearly all circular shift errors (circular shifts
of the whole string to the left or right);
2.5 congruence: Property of a set of integers which
differ from each other by a multiple of the mod-
d) a high proportion of double substitution er-
ulus. Congruence is indicated by the symbol ≡.
rors (two separate single substitution errors in
For example, 39 ≡ 6 (mod11) indicates that 39
the same string, for example “7234587” for
and 6 are congruent with respect to the modulus
“1234567)”; and
11, i.e., 39−6=33, which is a multiple of 11.
e) a high proportion of all other errors.
2.6 radix: Base of a geometric progression.
1.4 This International Standard excludes systems
designed specifically to:
�c ISO/IEC 2003 – All rights reserved 1
---------------------- Page: 6 ----------------------
ISO/IEC 7064:2003(E)
3 Symbols and notation 4.2 Hybrid systems
ThehybridsystemsarelistedinTable2andspecified
ThroughoutISO/IEC7064thefollowingsymbolsand
in Clauses 9 and 10. The hybrid systems each use
notation are used.
two moduli in the calculation. One modulus is equal
to, and the other is one greater than, the number
a Numerical value of the character in position i.
i
of characters in the character set of the string to be
protected. These hybrid systems always provide a
i Index of the character position.
check character within the character set of the string
M Modulus.
to be protected.
n Number of characters in a string, including the
check character.
5 Compliance and designation
P , S , V Integers which are used in the calculation
j j
of the check character to store an intermediate 5.1 Strings
result.
Strings protected by one of the systems specified in
r Radix.
this International Standard for the relevant applica-
tion comply with this International Standard.
w Weight for the polynomial method.
j
X, ∗ Supplementary check characters. 5.2 Check character generating products
:= A symbol denoting the ‘set equal to’ operation
5.2.1 Products (implemented either in software
used in the procedural specifications of check
or hardware) that are described as generating check
characters, which indicates that the value of the
characterstothisInternationalStandardwithoutfur-
integer on the left side of the symbol shall be
ther qualification shall be capable of generating check
made equal to the value of the expression on the
characters for all systems in this International Stan-
right side of the symbol.
dard.
≡ A symbol denoting ‘congruence’ (see Clause 2.5).
5.2.2 Thedescriptionofproductswhichdonotgen-
eratecheckcharactersforallthesystemsinthisInter-
k A symbol denoting the unique integer between 1
M
national Standard shall specify those systems which
andM thatistheremainderafterdividingbyM;
they do cover, for example “generates check charac-
if this remainder is zero then the value M shall
ters in accordance with ISO/IEC 7064, MOD 11–2”.
be substituted.
| A symbol denoting the unique integer between
M+1
5.3 Checking products
0 and M that is the remainder after dividing by
M +1; the remainder is never zero after this op- 5.3.1 Products (implemented either in software or
eration. hardware) that are described as checking strings to
this International Standard without further qualifica-
(modM) A symbol denoting the unique integer be-
tion shall be capable of using all the systems in this
tween 0 and M −1 that is the remainder after
International Standard.
dividing by M.
5.3.2 The description of products which check
strings using only certain of the systems in this Inter-
4 Types of systems
national Standard shall specify those systems which
they do cover, for example “checks strings using
ThisInternationalStandardspecifiestwotypesofsys-
ISO/IEC 7064, MOD 11–2”.
tems:
5.4 System designation
a) pure systems (Clauses 6, 7 and 8) and
5.4.1 Normally the full designation of each system
b) hybrid systems (Clauses 9 and 10).
as given in Tables 1 and 2 shall be used, for example
“ISO/IEC 7064, MOD 11–2”.
4.1 Pure systems
NOTE — Abbreviations to forms such as “MOD 11”
The pure systems are listed in Table 1 and specified
will create confusion with the similar systems using
inClauses6, 7and8. Theyeachuseasinglemodulus
modulus 11.
for all stages of the calculation.
2 �c ISO/IEC 2003 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC 7064:2003(E)
Table 1 — Pure systems
Check character Application Number and type of
1 2
system designation check characters
ISO/IEC 7064, MOD 11–2 Numeric strings 1 digit or the supplementary check character “X”
ISO/IEC 7064, MOD 37–2 Alphanumeric strings 1 digit or letter or the supplementary check
character “∗”
ISO/IEC 7064, MOD 97–10 Numeric strings 2 digits
ISO/IEC 7064, MOD 661–26 Alphabetic strings 2 letters
ISO/IEC 7064, MOD 1271–36 Alphanumeric strings 2 digits or letters
1 The first number following “MOD” in the designation is the modulus and the second number is the radix.
2 The first two systems may produce a supplementary check character outside the character set of the string to be checked (i.e.,
ISO/IEC 7064, MOD 11-2 check characters are “0” to “9” plus “X”, and ISO/IEC 7064, MOD 37–2 check characters are “0” to “9”,
and “A” to “Z”, plus “∗”). Where the supplementary check character is not acceptable and a single check character is required, it may
be possible to avoid issuing those strings which yield the supplementary check character. If neither the supplementary check character
can be tolerated nor can the strings yielding it be avoided, then the hybrid systems may be used instead.
Table 2 — Hybrid systems
Check character Application Number and type of
1
system designation check characters
ISO/IEC 7064, MOD 11,10 Numeric strings 1 digit
ISO/IEC 7064, MOD 27,26 Alphabetic strings 1 letter
ISO/IEC 7064, MOD 37,36 Alphanumeric strings 1 digit or letter
1 The two numbers following “MOD” in the designation are the two moduli.
5.4.2 Where there is a special need for brevity, for 6 Specification of pure systems
example when it is necessary to accompany a trans-
mitted data element by an indication of the system
6.1 Formula
used to protect it, the single digit designations indi-
A character string satisfies the check when:
cated in Table 3 may be used.
n
X
i−1
a ·r ≡1(modM),
i
Table 3 — Single digit designations
i=1
Check character system Designation
where
ISO/IEC 7064, MOD 11–2 1
ISO/IEC 7064, MOD 37–2 2
n is the number of characters in the string, in-
ISO/IEC 7064, MOD 97–10 3
cluding check character(s);
ISO/IEC 7064, MOD 661–26 4
ISO/IEC 7064, MOD 1271–36 5
i is the index of the character position starting
from the right (i.e., for the rightmost character,
ISO/IEC 7064, MOD 11,10 6
i = 1), disregarding spaces and special charac-
ISO/IEC 7064, MOD 27,26 7
ters;
ISO/IEC 7064, MOD 37,36 8
No check character or 0
a is the value of the character in position i as
i
non-standard system
defined in Table 4;
r is the radix (i.e., the basis for the geometric
progression); and
M is the modulus.
�c ISO/IEC 2003 – All rights reserved 3
---------------------- Page: 8 ----------------------
ISO/IEC 7064:2003(E)
6.2 Calculation
Any calculation procedure which satisfies the formula
may be used.
Table 4 — Values assigned to characters
6.3 Check character position
Value in Value in Value in
The check character(s) shall be placed at the right-
Charac- systems for systems for systems for
most end of the string.
ter numeric alphabetic alpha-
strings strings numeric
strings
7 Computational methods for pure
0 0 0
systems with one check character
1 1 1
2 2 2
Two basic computational methods for the pure sys-
3 3 3
tems are defined in this International Standard.
4 4 4
These are the pure system recursive method and the
5 5 5
pure system polynomial method. Both yield the same
6 6 6
resultandrequirethesamenumberofmultiplications
7 7 7
andadditions. Thepolynomialmethodrequiresmore
8 8 8
memory, as the system weights need to be stored.
9 9 9
1
X 10
7.1 Pure system recursive method
A 0 10
7.1.1 Comput
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.