ISO/IEC 9798-1 Information technology — Security techniques — Entity authentication — Part 1: General
This part of ISO/IEC 9798 specifies an authentication model and general requirements and constraints for entity authentication mechanisms which use security techniques. These mechanisms are used to corroborate that an entity is the one that is claimed. An entity to be authenticated proves its identity by showing its knowledge of a secret. The mechanisms are defined as exchanges of information between entities and, where required, exchanges with a trusted third party.
The details of the mechanisms and the contents of the authentication exchanges are given in subsequent parts of ISO/IEC 9798.
2 Normative references
There are no normative references for this part of ISO/IEC 9798.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
asymmetric cryptographic technique
cryptographic technique that uses two related transformations: a public transformation (defined by the public key) and a private transformation (defined by the private key)
NOTE The two transformations have the property that, given the public transformation, it is computationally infeasible to derive the private transformation.
asymmetric encryption system
system based on asymmetric cryptographic techniques whose public operation is used for encryption and whose private operation is used for decryption
asymmetric key pair
pair of related keys where the private key defines the private transformation and the public key defines the public transformation
asymmetric signature system
system based on asymmetric cryptographic techniques whose private transformation is used for signing and whose public transformation is used for verification
data item chosen at random and sent by the verifier to the claimant, which is used by the claimant, in conjunction with secret information held by the claimant, to generate a response which is sent to the verifier
entity which is or represents a principal for the purposes of authentication
NOTE A claimant includes the functions and the private data necessary for engaging in authentication exchanges on behalf of a principal.
data which has been transformed to hide its information content
cryptographic check function
cryptographic transformation which takes as input a secret key and an arbitrary string, and which gives a cryptographic check value as output
NOTE The computation of a correct check value without knowledge of the secret key shall be infeasible.
cryptographic check value
information which is derived by performing a cryptographic transformation on the data unit
reversal of a corresponding encryption
digital signature (signature)
data appended to, or a cryptographic transformation of, a data unit that allows the recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, e.g. by the recipient
information which unambiguously distinguishes an entity in the context of an authentication exchange
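The verifier/claimant exchange and the cryptographic check function defined above fit together as in the following added example, which is not taken from ISO/IEC 9798. HMAC-SHA-256 as the check function, the class and function names, and the identifiers `A` and `B` are assumptions; the standardized mechanisms are given in the subsequent parts of ISO/IEC 9798.

```python
import hashlib
import hmac
import secrets

def check_value(key: bytes, *fields: bytes) -> bytes:
    """Cryptographic check function (HMAC-SHA-256, an assumption).
    Fields are length-prefixed so different splits give different inputs."""
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Verifier:
    def __init__(self, verifier_id: bytes, keys: dict):
        self.verifier_id = verifier_id
        self.keys = keys      # claimant identifier -> shared secret key
        self.pending = {}     # claimant identifier -> outstanding challenge

    def challenge(self, claimant_id: bytes) -> bytes:
        # Data item chosen at random and sent to the claimant.
        self.pending[claimant_id] = secrets.token_bytes(16)
        return self.pending[claimant_id]

    def verify(self, claimant_id: bytes, response: bytes) -> bool:
        # pop() makes each challenge single-use, so a replayed response fails.
        chal = self.pending.pop(claimant_id, None)
        key = self.keys.get(claimant_id)
        if chal is None or key is None:
            return False
        expected = check_value(key, chal, claimant_id, self.verifier_id)
        return hmac.compare_digest(expected, response)

class Claimant:
    def __init__(self, claimant_id: bytes, key: bytes):
        self.claimant_id = claimant_id
        self.key = key

    def respond(self, chal: bytes, verifier_id: bytes) -> bytes:
        # Response combines the challenge with the claimant's secret key.
        return check_value(self.key, chal, self.claimant_id, verifier_id)

def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed sample key
    v = Verifier(b"B", {b"A": key})
    a = Claimant(b"A", key)
    resp = a.respond(v.challenge(b"A"), b"B")
    ok = v.verify(b"A", resp)
    replay = v.verify(b"A", resp)  # challenge already consumed
    v.challenge(b"A")
    stale = v.verify(b"A", resp)   # old response against a fresh challenge
    return {"ok": ok, "replay": replay, "stale": stale}
```

Binding both identifiers into the checked data means a response computed for one verifier is not accepted by another that shares the same key.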