Codes & Standards - Purchase
ISO/IEC 23264-2:2024
Information security — Redaction of authentic data — Part 2: Redactable signature schemes based on asymmetric mechanisms
SKU: iso_078342_186946
Published by ISO/IEC
Publication Year 2024
1 Edition
58 pages
Product Details
This document specifies cryptographic mechanisms to redact authentic data. The mechanisms described in this document offer different combinations of the security properties defined and described in ISO/IEC 23264-1. For all mechanisms, this document describes the processes for key generation, generating the redactable attestation, carrying out redactions and verifying redactable attestations.
This document contains mechanisms that are based on asymmetric cryptography using three related transformations:
¾ a public transformation defined by a verification key (verification process for verifying a redactable attestation),
¾ a private transformation defined by a private attestation key (redactable attestation process for generating a redactable attestation), and
¾ a third transformation defined by the redaction key (redaction process) allowing to redact authentic information within the constraints set forth during generation of the attestation such that redacted information cannot be reconstructed.
This document contains mechanisms which, after a successful redaction, allow the attestation to remain verifiable using the verification transformation and attest that non-redacted fields of the attested message are unmodified. This document further details that the three transformations have the property whereby it is computationally infeasible to derive the private attestation transformation, given the redaction and or the verification transformation and key(s).
This document contains mechanisms that are based on asymmetric cryptography using three related transformations:
¾ a public transformation defined by a verification key (verification process for verifying a redactable attestation),
¾ a private transformation defined by a private attestation key (redactable attestation process for generating a redactable attestation), and
¾ a third transformation defined by the redaction key (redaction process) allowing to redact authentic information within the constraints set forth during generation of the attestation such that redacted information cannot be reconstructed.
This document contains mechanisms which, after a successful redaction, allow the attestation to remain verifiable using the verification transformation and attest that non-redacted fields of the attested message are unmodified. This document further details that the three transformations have the property whereby it is computationally infeasible to derive the private attestation transformation, given the redaction and or the verification transformation and key(s).