Workshop on the Theory and Application of of Cryptographic Techniques

EUROCRYPT 1988: Advances in Cryptology — EUROCRYPT ’88 pp 123-128

A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory

  • Louis C. Guillou
  • Jean-Jacques Quisquater
Conference paper

DOI: 10.1007/3-540-45961-8_11

Volume 330 of the book series Lecture Notes in Computer Science (LNCS)


Zero-knowledge interactive proofs are very promising for the problems related to the verification of identity. After their (mainly theoretical) introduction by S. Goldwasser, S. Micali and C. Rackoff (1985), A. Fiat and A. Shamir (1986) proposed a first practical solution: the scheme of Fiat-Shamir is a trade-off between the number of authentication numbers stored in each security microprocessor and the number of witness numbers to be checked at each verification.

This paper proposes a new scheme which requires the storage of only one authentication number in each security microprocessor and the check of only one witness number. The needed computations are only 2 or 3 more than for the scheme of Fiat-Shamir.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1988

Authors and Affiliations

  • Louis C. Guillou
    • 1
  • Jean-Jacques Quisquater
    • 2
  1. 1.Centre Commun d’Etudes de Télédiffusion et Télécommunications CCETTCesson-Sevigné CédexFrance
  2. 2.Philips Research Laboratory BrusselsBrusselsBelgium