IT Security


ISO/IEC JTC 1/SC 27 10116:2017 - Modes of operation for an n-bit block cipher

This document establishes five modes of operation for applications of an n-bit block cipher (e.g. protection of data during transmission or in storage). The defined modes only provide protection of data confidentiality.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:10116:ed-4:v1:en

ISO/IEC JTC 1/SC 27 10118-1:2016 - Hash-functions - Part 1: General

ISO/IEC 10118 specifies hash-functions and is therefore applicable to the provision of authentication, integrity and non-repudiation services. Hash-functions can be used for:

— reducing a message to a short imprint for input to a digital signature mechanism.

— committing the user to a given string of bits without revealing this string.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:10118:-1:ed-3:v1:en

ISO/IEC JTC 1/SC 27 9798-5:2009 - Entity authentication - Part 5: Mechanisms using zero-knowledge techniques

This part of ISO/IEC 9798 specifies entity authentication mechanisms using zero-knowledge techniques:

— mechanisms based on identities and providing unilateral authentication;

— mechanisms based on integer factorization and providing unilateral authentication;

— mechanisms based on discrete logarithms with respect to numbers that are either prime or composite, and providing unilateral authentication;

— mechanisms based on asymmetric encryption systems and providing either unilateral authentication, or mutual authentication;

— mechanisms based on discrete logarithms on elliptic curves and providing unilateral authentication.

These mechanisms are constructed using the principles of zero-knowledge techniques, but they are not necessarily zero-knowledge according to the strict definition for every choice of parameters.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-5:ed-3:v1:en

ISO/IEC JTC 1/SC 27 9798-4:1999 - Entity authentication - Part 4: Mechanisms using a cryptographic check function

This part of ISO/IEC 9798 specifies entity authentication mechanisms using a cryptographic check function. Two mechanisms are concerned with the authentication of a single entity (unilateral authentication), while the remaining are mechanisms for mutual authentication of two entities.

The mechanisms specified in this part of ISO/IEC 9798 use time variant parameters such as time stamps, sequence numbers, or random numbers, to prevent valid authentication information from being accepted at a later time or more than once.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-4:ed-2:v1:en

ISO/IEC JTC 1/SC 27 9798-3:2019 - Entity authentication - Part 3: Mechanisms using digital signature techniques

This document specifies entity authentication mechanisms using digital signatures based on asymmetric techniques. A digital signature is used to verify the identity of an entity.
Ten mechanisms are specified in this document. The first five mechanisms do not involve an on-line trusted third party and the last five make use of on-line trusted third parties. In both of these two categories, two mechanisms achieve unilateral authentication and the remaining three achieve mutual authentication.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-3:ed-3:v1:en

ISO/IEC JTC 1/SC 27 9798-2:2008 - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms

This part of ISO/IEC 9798 specifies entity authentication mechanisms using symmetric encipherment algorithms. Four of the mechanisms provide entity authentication between two entities where no trusted third party is involved; two of these are mechanisms to unilaterally authenticate one entity to another, while the other two are mechanisms for mutual authentication of two entities. The remaining mechanisms require a trusted third party for the establishment of a common secret key, and realize mutual or unilateral entity authentication.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-2:ed-3:v1:en

ISO/IEC JTC 1/SC 27 9798-1:2010 - Entity authentication - Part 1: General

This part of ISO/IEC 9798 specifies an authentication model and general requirements and constraints for entity authentication mechanisms which use security techniques. These mechanisms are used to corroborate that an entity is the one that is claimed. An entity to be authenticated proves its identity by showing its knowledge of a secret. The mechanisms are defined as exchanges of information between entities and, where required, exchanges with a trusted third party.

Source: https://www.iso.org/obp/ui/#iso:std:53634:en

ISO/IEC JTC 1/SC 27 10118-2:2010 - Hash-functions - Part 2: Hash-functions using an n-bit block cipher

This part of ISO/IEC 10118 specifies hash-functions which make use of an n-bit block cipher algorithm.
Four hash-functions are specified. The first provides hash-codes of length less than or equal to n, where n is the block-length of the underlying block cipher algorithm used. The second provides hash-codes of length less than or equal to 2n; the third provides hash-codes of length equal to 2n; and the fourth provides hash-codes of length 3n.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:10118:-2:ed-3:v1:en

ISO/IEC JTC 1/SC 27 10118-3:2018 - Hash-functions - Part 3: Dedicated hash-functions

This document specifies dedicated hash-functions, i.e. specially designed hash-functions. The hash-functions in this document are based on the iterative use of a round-function. Distinct round-functions are specified, giving rise to distinct dedicated hash-functions.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:10118:-3:ed-4:v1:en

ISO/IEC JTC 1/SC 27 11770-1:2010 - Key management - Part 1: Framework

In information technology there is an ever-increasing need to use cryptographic mechanisms for the protection of data against unauthorised disclosure or manipulation, for entity authentication, and for non-repudiation functions. The security and reliability of such mechanisms are directly dependent on the management and protection afforded to a security parameter, the key.
This part of ISO/IEC 11770:

a) establishes the general model on which key management mechanisms are based.

b) defines the basic concepts of key management which are common to all the parts of ISO/IEC 11770.

c) specifies the characteristics of key management services.

d) establishes general principles on the management of keying material during its life cycle.

e) establishes the conceptual model of key distribution.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:11770:-1:ed-2:v1:en

ISO/IEC JTC 1/SC 27 27002:2013 - Code of practice for information security controls

This International Standard gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization’s information security risk environment(s).

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-2:v1:en

ISO/IEC JTC 1/SC 27/WG 1 27001:2013 - Information security management systems - Requirements

This International Standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This International Standard also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en