BS ISO/IEC 14888-3:2018

What is ISO/IEC 14888-3 about?  

ISO/IEC 14888-3 is the third part of the ISO/IEC 14888 series of standards that is applicable digital signature mechanisms with appendix whose security is based on the discrete logarithm problem.  

ISO/IEC 14888-3 provides: 

• A general description of a digital signature with appendix mechanism, and  
• A variety of mechanisms that provide digital signatures with appendix. 

For each mechanism, ISO/IEC 14888-3 specifies 

• The process of generating a pair of keys,  
• The process of producing signatures, and 
• The process of verifying signatures. 

Annex A defines object identifiers assigned to the digital signature mechanisms specified in ISO/IEC 14888-3, and defines algorithm parameter structures. Annex B defines conversion functions of FE2I, I2FE, FE2BS, BS2I, I2BS, I2OS and OS2I used ISO/IEC 14888-3. Annex D defines how to generate DSA domain parameters.  

Who is ISO/IEC 14888-3 for? 

ISO/IEC 14888-3 on digital signatures is useful for: 

• Software engineers 
• Software developers 
• Organizations 

Why should you use ISO/IEC 14888-3?  

Digital signature mechanisms can be used to provide services such as entity authentication, data origin authentication, non-repudiation, and data integrity. A digital signature mechanism satisfies the following requirements: 

• It should be computationally infeasible for the attacker to 
• It should be computationally infeasible, even for the signer, to find two different messages with the same signature. 

ISO/IEC 14888-3 provides a randomized mechanism that is: when, for a given message and signature key, any two applications of the signature process produce (with high probability) two distinct signatures, the mechanism is said to be randomized (or non-deterministic). 

The security of a signature mechanism is based on an intractable computational problem, i.e. a problem for which, given current knowledge, finding a solution is computationally infeasible, such as the factorization problem and the discrete logarithm problem. ISO/IEC 14888-3 specifies digital signature mechanisms with appendix based on the discrete logarithm problem, and specifies digital signature mechanisms with appendix based on the factorization problem. 

ISO/IEC 14888-3 includes 14 mechanisms: two of which (DSA and Pointcheval/Vaudenay algorithm) were in ISO/IEC 148883:1998, three of which (ECDSA, ECKCDSA, and ECGDSA) were from ISO/IEC 159462:2002 and three of which (KCDSA, IBS1 and IBS2) were added in ISO/IEC 148883:2006, four of which (SRA, ECRDSA, ECSDSA and ECFSDSA) were added in ISO/IEC 148883:2006/Amd 1:2010, and two of which (SM2 and Chinese IBS) are added in ISO/IEC 14888-3. The mechanisms specified in ISO/IEC 14888-3 use a collision resistant hash-function to hash the message being signed. 

What’s changed since the last update?  

BS ISO/IEC 14888-3:2018 supersedes BS ISO 148883:2016. 

The main changes are as follows: 

• SM2 algorithm has been added 
• Chinese IBS algorithm has been added; 
• Numerical examples of KCDSA, ECDSA and ECKCDSA have been added 
• Several formulae and symbols have been corrected