ISO/IEC INTERNATIONAL STANDARD 20009-2 Firstedition 2013-12-01 Information technology Security techniques Anonymous entity authentication - Part 2: Mechanisms based on signatures using a group public key Technologies de I'information - Techniques de sécurité- Authentification anonyme d'entité- Partie 2: Mécanismes fondes sur des signatures numeriques utilisant une clé publique de groupe Reference number IS0/IEC 20009-2:2013(E) F CopyrightInternational Organization for Standardization @IS0/IEC2013 It license from IHS Not for Resale IS0/IEC 20009-2:2013(E) COPYRIGHTPROTECTEDDOCUMENT @IS0/IEC2013 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester. ISOcopyrightoffice Case postale 56:CH-1211 Geneva 20 Tel. + 41 22 749 0111 Fax + 41 22 749 09 47 E-mail copyright@iso.org Web www.iso.org Published in Switzerland @ IS0/IEC 2013 -All rights reserved No reproductic networking permitted without license from IHS Not for Resale IS0/IEC 20009-2:2013(E) Contents Page Foreword ..iv Introduction. ..V 1 Scope. ..1 2 Normative references 3 Terms and definitions 4 Symbols and abbreviated terms ..3 5 General model and requirements. 6 Key generation process. ..5 7 Mechanisms without an online TTP .6 7.1 Introduction .6 7.2 Unilateral anonymous authentication 1 7.3 Mutual anonymous authentication .9 7.4 Unilateral-anonymous mutual authentication 12 7.5 Mutual anonymous authentication with binding-property .15 7.6 Unilateral-anonymous mutual authentication with binding-property .21 8 Mechanisms involving an online TTP .28 8.1 Introduction 28 8.2 Unilateral anonymous authentication 28 8.3 Mutual anonymous authentication 31 8.4 Unilateral-anonymous mutual authentication .35 9 The group membership opening process ..44 9.1 General .44 9.2 The evidence evaluation process ..45 10 The group signature linking process ..45 10.1 .45 General 10.2 Linking process with opener .45 10.3 Linking process with linking key .46 10.4 Linking process with linking base .46 Annex A (normative) Object identifiers ..47 Annex B (informative) Information on mechanisms with binding-property ..49 Bibliography .51 iii se with ISt vithoutlicense from IHS Not for Resale