标准摘要
[中文适用范围]: ISO/IEC 9796 的这一部分指定了三种提供消息恢复的数字签名方案,其中两种是确定性的(非随机的),另一种是随机的。 所有三种方案的安全性都是基于分解大数的难度。 所有三种方案都可以提供全部或部分消息恢复。 ISO/IEC 9796 的本部分规定了三种签名方案的密钥生成方法。 但是,密钥管理和随机数生成技术(根据随机签名方案的要求)超出了 ISO/IEC 9796 的本部分的范围。 ISO/IEC 9796。 只要有可能,建议该标准的用户采用第二种机制(数字签名方案 2)。 然而,在签名者生成随机变量被认为不可行的环境中,建议使用数字签名方案3。 数字签名方案 1 只能用于需要与实施本标准第一版的系统兼容的环境中。 然而,数字签名方案 1 仅与实现该标准第一版且使用至少 160 位哈希码的系统兼容。 [外文原描述]: ISO/IEC 9796-2:2002 specifies three digital signature schemes giving message recovery, two of which are deterministic (non-randomized) and one of which is randomized. The security of all three schemes is based on the difficulty of factorizing large numbers. All three schemes can provide either total or partial message recovery. The method for key production for the three signature schemes is specified in this part of ISO/IEC 9796. However, techniques for key management and for random number generation (as required for the randomized signature scheme), are outside the scope of this part of ISO/IEC 9796. Users of this International Standard are, wherever possible, recommended to adopt the second mechanism (Digital signature scheme 2). However, in environments where generation of random variables by the signer is deemed infeasible, then Digital signature scheme 3 is recommended. Digital signature scheme 1 shall only be used in environments where compatibility is required with systems implementing the first edition of this International Standard. However, Digital signature scheme 1 is only compatible with systems implementing the first edition of this International Standard that use hash-codes of at least 160 bits.
英文名称Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms