CAN/CSA-ISO/IEC 9798-5:02

This National Standard of Canada is equivalent to International Standard ISO/IEC 9798-5:1999 (first edition, 1999-03-15). 1 Scope This part of ISO/IEC 9798 specifies three entity authentication mechanisms using zero knowledge techniques. All the mechanisms specified in this part of ISO/IEC 9798 provide unilateral authentication. These mechanisms are constructed using the principles of zero knowledge, but they will not be zero knowledge according to the stritt definition sketched in Annex A for all choices of Parameters. The first mechanism is said to be based on identities. A trusted accreditation authority provides each claimant with private accreditation information, computed as a function of the claimants identification data and the accreditation authoritys private key. The second mechanism is said to be certificate-based using discrete logarithms. Every claimant possesses a public key, private key pair for use in this mechanism. Every verifier of a claimants identity must possess a trusted copy of the claimants public verification key; the means by which this is achieved is beyond the scope of this Standard, but it may be achieved through the distribution of certificates signed by a Trusted Third Party. The third mechanism is said to be certificate-based using an asymmetric encipherment System. Every claimant possesses a public key, private key pair for an asymmetric cryptosystem. Every verifier of a claimants identity must possess a trusted copy of the claimants public key; the means by which this is achieved is beyond the scope of this standard, but it may be achieved through the distribution of certificates signed by a Trusted Third Party.