ISO/IEC 23264-2:2024

Information security — Redaction of authentic data — Part 2: Redactable signature schemes based on asymmetric mechanisms

Publication date:   Aug 15, 2024

General information

60.60 Standard published   Aug 15, 2024

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security

Buying

  Published

PDF - €76.23

  English  



Buy

Scope

This document specifies cryptographic mechanisms to redact authentic data. The mechanisms described in this document offer different combinations of the security properties defined and described in ISO/IEC 23264-1. For all mechanisms, this document describes the processes for key generation, generating the redactable attestation, carrying out redactions and verifying redactable attestations.
This document contains mechanisms that are based on asymmetric cryptography using three related transformations:
¾      a public transformation defined by a verification key (verification process for verifying a redactable attestation),
¾      a private transformation defined by a private attestation key (redactable attestation process for generating a redactable attestation), and
¾      a third transformation defined by the redaction key (redaction process) allowing to redact authentic information within the constraints set forth during generation of the attestation such that redacted information cannot be reconstructed. 
This document contains mechanisms which, after a successful redaction, allow the attestation to remain verifiable using the verification transformation and attest that non-redacted fields of the attested message are unmodified. This document further details that the three transformations have the property whereby it is computationally infeasible to derive the private attestation transformation, given the redaction and or the verification transformation and key(s).

Life cycle

NOW

PUBLISHED
ISO/IEC 23264-2:2024
60.60 Standard published
Aug 15, 2024