Information technology — Security techniques — Entity authentication — Part 5: Mechanisms using zero-knowledge techniques
ISO/IEC 9798-5:2004 specifies authentication mechanisms in the form of exchange of information between a claimant and a verifier.
In accordance with the types of calculations that need to be performed by a claimant and the verifier (see Annex C), the mechanisms specified in ISO/IEC 9798-5:2004 can be classified into four main groups.
- The first group is characterized by the performance of short modular exponentiations. The challenge size needs to be optimized since it has a proportional impact on workloads.
- The second group is characterized by the possibility of a "coupon" strategy for the claimant. A verifier can authenticate a claimant without computational power. The challenge size has no impact on workloads.
- The third group is characterized by the possibility of a "coupon" strategy for the verifier. A verifier without computational power can authenticate a claimant. The challenge size has no impact on workloads.
- The fourth group has no possibility of a "coupon" strategy.
|Get this standard||Prices exclude GST|
|PDF ( Single user document)||
Keep me up-to-dateSign up to receive updates when there are changes to this standard
AS/NZS ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
Information technology. Systems trustworthiness, Governance and management specification
Information security management systems, Guidelines for information security risk management
Design and operation of online user identification systems. Code of practice