Skip to main content
{{cartCount}} Cart

ISO/IEC 14888-2:2008

Current Date published:

Information technology - Security techniques - Digital signatures with appendix - Part 2: Integer factorization based mechanisms

ISO/IEC 14888 specifies digital signature with appendix. As no part of the message is recovered from the signature (the recoverable part of the message is empty), the signed message consists of the signature and the whole message.

NOTE ISO/IEC 9796 specifies digital signature giving message recovery. As all or part of the message is recovered from the signature, the recoverable part of the message is not empty. The signed message consists of either the signature only (when the non-recoverable part of the message is empty), or both the signature and the non-recoverable part.

ISO/IEC 14888-2:2008 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies:


  • the relationships and constraints between all the data elements required for signing and verifying;

  • a signature mechanism, i.e. how to produce a signature of a message with the data elements required for signing;

  • a verification mechanism, i.e. how to verify a signature of a message with the data elements required for verifying.



The title of ISO/IEC 14888-2 has changed from Identity-based mechanisms (first edition) to Integer factorization based mechanisms (second edition).

  1. ISO/IEC 14888-2:2008 includes the identity-based scheme specified in ISO/IEC 14888-2:1999, namely the GQ1 scheme. This scheme has been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999.

  2. Among the certificate-based schemes specified in ISO/IEC 14888-3:1998, it includes all the schemes based on the difficulty of factoring the modulus in use, namely, the RSA, RW and ESIGN schemes. These schemes have been revised due to the withdrawal of ISO/IEC 9796:1991 in 1999.

  3. It takes into account ISO/IEC 14888-3:1998/Cor.1:2001, technical corrigendum of the ESIGN scheme.

  4. It includes a format mechanism, namely the PSS mechanism, also specified in ISO/IEC 9796-2:2002, and details of how to use it in each of the RSA, RW, GQ1 and ESIGN schemes.

  5. It includes new certificate-based schemes that use no format mechanism, namely, the GQ2, GPS1 and GPS2 schemes.

  6. For each scheme and its options, as needed, it provides an object identifier.

Get this standard Prices exclude GST
PDF ( Single user document)
$361.74 NZD
HardCopy
$406.09 NZD
Networkable PDF
Price varies
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 66

Amendments

Keep me up-to-date

Register to receive notifications when updates are made to this standard.

Related Information

Similar Standards

  • AS/NZS ISO/IEC 27001:2023

    Information security, cybersecurity and privacy protection – Information security management systems – Requirements

  • AS/NZS ISO/IEC 27002:2022

    Information security, cybersecurity and privacy protection — Information security controls

  • AS/NZS ISO/IEC 27551:2024

    Information security, cybersecurity and privacy protection – Requirements for attribute-based unlinkable entity authentication

  • BS 10754-1:2018

    Information technology. Systems trustworthiness, Governance and management specification

Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 66

Amendments

ISO/IEC 14888-2:2008

Get this standard Prices exclude GST
PDF ( Single user document)
$361.74 NZD
HardCopy
$406.09 NZD
Networkable PDF
Price varies

Request to add this standard to your subscription

ISO/IEC 14888-2:2008

Price varies
Online library subscription

Click "Send request for subscription" to ask your Account Administrator to add this standard to your subscripiton.

Cancel