Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
 Tatsuaki Okamoto
Abstract
This paper presents a three-move interactive identification scheme and proves it to be as secure as the discrete logarithm problem. This provably secure scheme is almost as efficient as the Schnorr identification scheme, while the Schnorr scheme is not provably secure. This paper also presents another practical identification scheme which is proven to be as secure as the factoring problem and is almost as efficient as the Guillou-Quisquater identification scheme: the Guillou-Quisquater scheme is not provably secure. We also propose practical digital signature schemes based on these identification schemes. The signature schemes are almost as efficient as the Schnorr and Guillou-Quisquater signature schemes, while the security assumptions of our signature schemes are weaker than those of the Schnorr and Guillou-Quisquater signature schemes. This paper also gives a theoretically generalized result: a three-move identification scheme can be constructed which is as secure as the random-self-reducible problem. Moreover, this paper proposes a variant which is proven to be as secure as the difficulty of solving both the discrete logarithm problem and the specific factoring problem simultaneously. Some other variants such as an identity-based variant and an elliptic curve variant are also proposed.
 Title
 Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes
 Book Title
 Advances in Cryptology — CRYPTO’ 92
 Book Subtitle
 12th Annual International Cryptology Conference Santa Barbara, California, USA August 16–20, 1992 Proceedings
 Book Part
 Session I:
 Pages
 pp 31-53
 Copyright
 1993
 DOI
 10.1007/3-540-48071-4_3
 Print ISBN
 978-3-540-57340-1
 Online ISBN
 978-3-540-48071-6
 Series Title
 Lecture Notes in Computer Science
 Series Volume
 740
 Series ISSN
 0302-9743
 Publisher
 Springer Berlin Heidelberg
 Copyright Holder
 Springer-Verlag Berlin Heidelberg
 Editors

 Ernest F. Brickell ^{(3)}
 Editor Affiliations

 3. Department 1423, Sandia National Laboratories
 Authors

 Tatsuaki Okamoto ^{(4)}
 Author Affiliations

 4. NTT Laboratories, Nippon Telegraph and Telephone Corporation, 1-2356, Take, Yokosuka-shi, Kanagawa-ken, 238-03, Japan