What has changed in ISO 9796-2 ?
- From: Francois Grieu <fgrieu@xxxxxxxxx>
- Date: Wed, 26 Mar 2008 03:32:45 -0700 (PDT)
I notice that ISO/IEC 9796-2:2002 has recently been revised by ISO/IEC
Anyone has a sketch of the changes ?
Background: ISO 9796-2 is an international standard on a digital
signature scheme with message recovery; it is based based on the RSA
and Rabin cryptosystmems, and some hash function. The scheme has the
nice property that the increase in data size due to the signing
process is kept low (often: the hash size plus 2 bytes), whereas
PKCS#1 signing increases the data size by a modulus size. It inherits
fast signature verification from the underlying RSA and Rabin
ISO/IEC 9796-2:1997 is simple, and widely used in the industry (e.g.
banking, european tachograph smart cards..), but lacks provable
security and indeed has some security concerns should an adversary be
in a position to obtain the signature of many chosen messages. ISO/IEC
9796-2:2002 has introduced new modes with some level of provable
security even in this setup.
- Prev by Date: Re: El Gamal and Message Blocking
- Next by Date: Question about license management / software activation
- Previous by thread: Tooth Brushing between Medicine and Islam
- Next by thread: Question about license management / software activation