Category ISO Standards

Elliptic-curve based signatures, identity-based encryption, and key agreement for constrained environments Public-key cryptography on constrained devices has long been considered impractical due to the enormous computational cost of modular exponentiation required by traditional algorithms like RSA. ISO/IEC 29192-4 changes this…

PHOTON, SPONGENT, and lightweight hashing for integrity and authentication on constrained devices Cryptographic hash functions are fundamental building blocks for data integrity, digital signatures, random-number generation, and many authentication protocols. On constrained devices, conventional hash functions such as SHA-256 require…

Lightweight MAC constructions for data integrity and origin authentication in constrained networks Message Authentication Codes (MACs) are essential for guaranteeing both the integrity and the authenticity of data transmitted over untrusted networks. In the IoT ecosystem, where devices broadcast sensor…

Information Technology — Anonymous Digital Signature Mechanisms Anonymous Digital Signature Mechanisms ISO/IEC 29191 defines anonymous digital signature mechanisms that enable authentication and integrity verification while protecting the signer’s identity. This standard addresses a fundamental tension in digital security: the need…

Foundations, scope, and security classification for resource-constrained environments As the Internet of Things (IoT) expands into every corner of modern life — from smart meters and medical implants to supply-chain RFID tags — the need for cryptographic primitives that can…

PRESENT, CLEFIA, and other lightweight block cipher designs for constrained environments Block ciphers remain the workhorse of symmetric cryptography, and ISO/IEC 29192-2 addresses the challenge of designing and standardising block ciphers that can be implemented with extremely low hardware resource…

A Technical Guide for Engineers and System Architects 1. Fundamentals of Presentation Attack Detection ISO/IEC 29183 specifies the technical requirements and evaluation methodologies for presentation attack detection (PAD) in biometric systems, commonly known as anti-spoofing. A presentation attack occurs when…

A Technical Guide for Engineers and System Architects 1. Signature Quality Metrics Framework ISO/IEC 29184 defines a comprehensive set of quality metrics for biometric signature data, encompassing both dynamic (on-line) signatures captured via digitizing tablets or stylus-enabled devices and static…

Identification of Privacy Protection Requirements — Part 1: Framework Understanding the Privacy Protection Framework ISO/IEC 29187-1 establishes a comprehensive framework for identifying privacy protection requirements in information technology systems. This standard, part of the broader ISO/IEC 29100 series on privacy,…

Information Technology — Privacy Capability Assessment Model Privacy Capability Maturity Model ISO/IEC 29190 defines a privacy capability assessment model that enables organizations to evaluate and improve their privacy management practices. The standard establishes a structured maturity framework that measures an…