scope:

This International Standard specifies four mechanisms for signcryption, i.e. defined ways of processing a data string with the following security objectives: - data confidentiality, i.e. protection against unauthorised disclosure of data; - data integrity, i.e. protection that enables the recipient of data to verify that it has not been modified; - data origin authentication, i.e. protection that enables the recipient of data to verify the identity of the data originator; - data unforgeability, i.e. protection against unauthorized modification of data, even by a recipient of the data. All four mechanisms specified in this International Standard employ public key cryptographic techniques, and require both the originator and the recipient of the protected data to have their own public and private key pairs. Infrastructures for management of public keys are outside the scope of this International Standard; public key infrastructures are defined in ISO/IEC 11770-1 and ISO/IEC 9594. Two of the mechanisms in this International Standard, namely mechanisms DLSC and ECDLSC, require the employment of system wide public key parameters for both the sender and the recipient of data. In a system where a multiple number of pairs of senders and recipients exist, the same system wide parameters are required to be used by all these users. The remaining mechanisms IFSC and EtS do not require the use of such system wide public key parameters. NOTE 1 In selecting the four signcryption mechanisms for inclusion in this International Standard from the large variety of such techniques published and in use, the same seven criteria as those stated in ISO/IEC 18033-1:2005, Annex A, have been followed. The exclusion of particular methods does not imply that those methods are insecure. NOTE 2 This International Standard bears a conceptual similarity to ISO/IEC 19772 [14] which specifies a number of mechanisms for authenticated encryption, that is, simultaneously achieving message integrity and confidentiality. Major differences between ISO/IEC 19772 and this International Standard include (1) mechanisms specified in ISO/IEC 19772 fall into the category of symmetric cryptographic techniques, whereas those specified in this International Standard are representatives of asymmetric cryptographic techniques; (2) while all mechanisms specified in ISO/IEC 19772 and this International Standard offer the capability of data integrity and origin authentication, mechanisms specified in this International Standard further offer the capability of data unforgeability, even by a recipient of the data.