Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
 Tatsuaki Okamoto
 … show all 1 hide
Abstract
This paper presents a threemove interactive identification scheme and proves it to be as secure as the discrete logarithm problem. This provably secure scheme is almost as efficient as the Schnorr identification scheme, while the Schnorr scheme is not provably secure. This paper also presents another practical identification scheme which is proven to be as secure as the factoring problem and is almost as efficient as the GuillouQuisquater identification scheme: the GuillouQuisquater scheme is not provably secure. We also propose practical digital signature schemes based on these identification schemes. The signature schemes are almost as efficient as the Schnorr and GuillouQuisquater signature schemes, while the security assumptions of our signature schemes are weaker than those of the Schnorr and GuillouQuisquater. signature schemes. This paper also gives a theoretically generalized result: a threemove identification scheme can be constructed which is as secure as the randomselfreducible problem. Moreover, this paper proposes a variant which is proven to be as secure as the difficulty of solving both the discrete logarithm problem and the specific factoring problem simultaneously. Some other variants such as an identitybased variant and an elliptic curve variant are also proposed.
 T. Beth, “Efficient ZeroKnowledge Identification Scheme for Smart Cards,” Proceedings of Eurocrypt’ 88, LNCS 330, SpringerVerlag, pp.77–86 (1988).
 E.F. Brickell, D.M. Gordon, K.S. McCurley, and D. Wilson, “Fast Exponentiation with Precomputation”, to appear in the Proceedings of Eurocrypt’ 92.
 E.F. Brickell, and K.S. McCurley, “An Interactive Identification Scheme Based on Discrete Logarithms and Factoring,” Journal of Cryptology, Vol. 5, No. 1, pp.29–39 (1992).
 E.F. Brickell, and K.S. McCurley, “Interactive Identification and Digital Signatures,” AT&T Technical Journal, pp.73–86, November/December (1991).
 M. Bellare, S. Micali and R. Ostrovsky, “Perfect ZeroKnowledge in Constant Rounds,” Proceedings of STOC, pp.482–493 (1990).
 M. Bellare, S. Micali and R. Ostrovsky, “The (True) Complexity of Statistical ZeroKnowledge.” Proceedings of STOC, pp.494–502 (1990).
 D. Chaum, “Security without Identification: Transaction Systems to Make Big Brother Obsolete,” Comm. of the ACM, 28,10, pp.1030–1044 (1985). CrossRef
 L. Chen, I. Damgård, “Security Bounds for Parallel Versions of Identification Protocols,” Manuscript (1992).
 U. Feige and A. Shamir, “Witness Indistinguishable and Witness Hiding Protocols,” Proceedings of STOC, pp.416–426 (1990).
 U. Feige and A. Shamir, “Zero Knowledge Proofs of Knowledge in Two Rounds,” Proceedings of Crypto’ 89, LNCS 435, SpringerVerlag, pp.526–544 (1990). CrossRef
 U. Feige, A. Fiat and A. Shamir, “Zero Knowledge Proofs of Identity,” Proceedings of STOC, pp.210–217 (1987).
 A. Fiat and A. Shamir, “How to Prove Yourself: Practical Solutions to Identification and Signature Problems”, Proceedings of CRYPTO’ 86, LNCS 263, SpringerVerlag, pp.186–194 (1987).
 O. Goldreich, S. Goldwasser, and S. Micali, “How to Construct Random Functions,” Journal of the ACM, Vol. 33, No. 4 (1986).
 O. Goldreich and H. Krawczyk “On the Composition of ZeroKnowledge Proof Systems,” Proceedings of ICALP, LNCS 443, SpringerVerlag, pp.268–282 (1990).
 S. Goldwasser, S. Micali and C. Rackoff, “The Knowledge Complexity of Interactive Proofs,” SIAM J. Comput., 18,1, pp.186–208 (1989). CrossRef
 S. Goldwasser, S. Micali and R. Rivest, “A Digital Signature Scheme Secure Against Adaptive ChosenMessage Attacks,” SIAM J. Comput., 17,2, pp.281–308 (1988). CrossRef
 L.S. Guillou, and J.J. Quisquater, “A Practical ZeroKnowledge Protocol Fitted to Security Microprocessors Minimizing both Transmission and Memory,” Proceedings of Eurocrypt’ 88, LNCS 330, SpringerVerlag, pp.123–128 (1988).
 G. Harper, A.J. Menezes, S.A. Vanstone, “PublicKey Cryptosystems with Very Small Key Length”, to appear in the Proceedings of Eurocrypt’ 92.
 N. Koblitz, A Course in Number Theory and Cryptography, Berlin: SpringerVerlag, (1987).
 N. Koblitz, “CMCurves with Good Cryptographic Properties,” Proceedings of Crypto’ 91 (1992).
 D.E. Knuth, The Art of Computer Programming, Vol. 2, 2nd Ed. AddisonWesley (1981).
 V. Miller, “Uses of Elliptic Curves in Cryptography,” Proceedings of Crypto’ 85, LNCS 218, SpringerVerlag, pp.417–426 (1986).
 A. Miyaji, “On Ordinary Elliptic Curve Cryptosystems,” to appear in the Proceedings of Asiacrypt’ 91, LNCS, SpringerVerlag.
 P.L. Montgomery, “Modular Multiplication without Trial Division,” Math. of Computation, Vol. 44, pp.519–521 (1985). CrossRef
 A.J. Menezes, T. Okamoto, S.A. Vanstone, “Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field”, Proceedings of STOC, pp.80–89 (1991).
 K. Ohta, and T. Okamoto, “A Modification of the FiatShamir Scheme,” Proceedings of Crypto’ 88, LNCS 403, SpringerVerlag, pp.232–243 (1990).
 K. Ohta, and T. Okamoto, “A Digital Multisignature Scheme Based on the FiatShamir Scheme,” to appear in the Proceedings of Asiacrypt’ 91.
 T. Okamoto, “A Single PublicKey Authentication Scheme for Multiple Users,” Systems and Computers in Japan, 18,10, pp.14–24 (1987), Previous version, Technical Report of IECE Japan, IN83–92 (1984). CrossRef
 T. Okamoto, and K. Ohta, “Divertible ZeroKnowledge Interactive Proofs and Commutative Random SelfReducible.” Proceedings of Eurocrypt’ 89, LNCS 434, SpringerVerlag, pp.134–149 (1990).
 S.C. Pohlig, and M.E. Hellman, “An Improved Algorithm for Computing Logarithmsover GF (p) and Its Cryptographic Significance,” IEEE Trans. Inform. Theory, 24, pp.106–110 (1978) CrossRef
 R. Rivest, A. Shamir and L. Adleman, “A Method for Obtaining Digital Signatures and PublicKey Cryptosystems”, Communications of the ACM, Vol. 21, No. 2, pp.120–126 (1978). CrossRef
 C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” Journal of Cryptology, Vol. 4, No. 3, pp.161–174 (1991). CrossRef
 A. Shamir, “IdentityBased Cryptosystems and Signature Scheme,” Proceedings of Crypto’ 84, LNCS 196. SpringerVerlag, pp.47–53 (1986).
 K. Sakurai, and T. Itoh, “On the Discrepancy between Serial and Parallel of ZeroKnowledge Protocols,” These proceedings.
 M. Tompa and H. Woll, “Random SelfReducibility and Zero Knowledge Interactive Proofs of Possession of Information,” Proceedings of FOCS, pp.472–482 (1987).
 Title
 Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
 Book Title
 Advances in Cryptology — CRYPTO’ 92
 Book Subtitle
 12th Annual International Cryptology Conference Santa Barbara, California, USA August 16–20, 1992 Proceedings
 Book Part
 Session I:
 Pages
 pp 3153
 Copyright
 1993
 DOI
 10.1007/3540480714_3
 Print ISBN
 9783540573401
 Online ISBN
 9783540480716
 Series Title
 Lecture Notes in Computer Science
 Series Volume
 740
 Series ISSN
 03029743
 Publisher
 Springer Berlin Heidelberg
 Copyright Holder
 SpringerVerlag Berlin Heidelberg
 Additional Links
 Topics
 Industry Sectors
 eBook Packages
 Editors

 Ernest F. Brickell ^{(3)}
 Editor Affiliations

 3. Department 1423, Sandia National Laboratories
 Authors

 Tatsuaki Okamoto ^{(4)}
 Author Affiliations

 4. NTT Laboratories, Nippon Telegraph and Telephone Corporation, 12356, Take, Yokosukashi, Kanagawaken, 23803, Japan
Continue reading...
To view the rest of this content please follow the download PDF link above.