Abstract
This paper presents a three-move interactive identification scheme and proves it to be as secure as the discrete logarithm problem. This provably secure scheme is almost as efficient as the Schnorr identification scheme, while the Schnorr scheme is not provably secure. This paper also presents another practical identification scheme which is proven to be as secure as the factoring problem and is almost as efficient as the Guillou-Quisquater identification scheme: the Guillou-Quisquater scheme is not provably secure. We also propose practical digital signature schemes based on these identification schemes. The signature schemes are almost as efficient as the Schnorr and Guillou-Quisquater signature schemes, while the security assumptions of our signature schemes are weaker than those of the Schnorr and Guillou-Quisquater. signature schemes. This paper also gives a theoretically generalized result: a three-move identification scheme can be constructed which is as secure as the random-self-reducible problem. Moreover, this paper proposes a variant which is proven to be as secure as the difficulty of solving both the discrete logarithm problem and the specific factoring problem simultaneously. Some other variants such as an identity-based variant and an elliptic curve variant are also proposed.
Chapter PDF
References
T. Beth, “Efficient Zero-Knowledge Identification Scheme for Smart Cards,” Proceedings of Eurocrypt’ 88, LNCS 330, Springer-Verlag, pp.77–86 (1988).
E.F. Brickell, D.M. Gordon, K.S. McCurley, and D. Wilson, “Fast Exponentiation with Precomputation”, to appear in the Proceedings of Eurocrypt’ 92.
E.F. Brickell, and K.S. McCurley, “An Interactive Identification Scheme Based on Discrete Logarithms and Factoring,” Journal of Cryptology, Vol. 5, No. 1, pp.29–39 (1992).
E.F. Brickell, and K.S. McCurley, “Interactive Identification and Digital Signatures,” AT&T Technical Journal, pp.73–86, November/December (1991).
M. Bellare, S. Micali and R. Ostrovsky, “Perfect Zero-Knowledge in Constant Rounds,” Proceedings of STOC, pp.482–493 (1990).
M. Bellare, S. Micali and R. Ostrovsky, “The (True) Complexity of Statistical Zero-Knowledge.” Proceedings of STOC, pp.494–502 (1990).
D. Chaum, “Security without Identification: Transaction Systems to Make Big Brother Obsolete,” Comm. of the ACM, 28,10, pp.1030–1044 (1985).
L. Chen, I. Damgård, “Security Bounds for Parallel Versions of Identification Protocols,” Manuscript (1992).
U. Feige and A. Shamir, “Witness Indistinguishable and Witness Hiding Protocols,” Proceedings of STOC, pp.416–426 (1990).
U. Feige and A. Shamir, “Zero Knowledge Proofs of Knowledge in Two Rounds,” Proceedings of Crypto’ 89, LNCS 435, Springer-Verlag, pp.526–544 (1990).
U. Feige, A. Fiat and A. Shamir, “Zero Knowledge Proofs of Identity,” Proceedings of STOC, pp.210–217 (1987).
A. Fiat and A. Shamir, “How to Prove Yourself: Practical Solutions to Identification and Signature Problems”, Proceedings of CRYPTO’ 86, LNCS 263, Springer-Verlag, pp.186–194 (1987).
O. Goldreich, S. Goldwasser, and S. Micali, “How to Construct Random Functions,” Journal of the ACM, Vol. 33, No. 4 (1986).
O. Goldreich and H. Krawczyk “On the Composition of Zero-Knowledge Proof Systems,” Proceedings of ICALP, LNCS 443, Springer-Verlag, pp.268–282 (1990).
S. Goldwasser, S. Micali and C. Rackoff, “The Knowledge Complexity of Interactive Proofs,” SIAM J. Comput., 18,1, pp.186–208 (1989).
S. Goldwasser, S. Micali and R. Rivest, “A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks,” SIAM J. Comput., 17,2, pp.281–308 (1988).
L.S. Guillou, and J.J. Quisquater, “A Practical Zero-Knowledge Protocol Fitted to Security Microprocessors Minimizing both Transmission and Memory,” Proceedings of Eurocrypt’ 88, LNCS 330, Springer-Verlag, pp.123–128 (1988).
G. Harper, A.J. Menezes, S.A. Vanstone, “Public-Key Cryptosystems with Very Small Key Length”, to appear in the Proceedings of Eurocrypt’ 92.
N. Koblitz, A Course in Number Theory and Cryptography, Berlin: Springer-Verlag, (1987).
N. Koblitz, “CM-Curves with Good Cryptographic Properties,” Proceedings of Crypto’ 91 (1992).
D.E. Knuth, The Art of Computer Programming, Vol. 2, 2nd Ed. Addison-Wesley (1981).
V. Miller, “Uses of Elliptic Curves in Cryptography,” Proceedings of Crypto’ 85, LNCS 218, Springer-Verlag, pp.417–426 (1986).
A. Miyaji, “On Ordinary Elliptic Curve Cryptosystems,” to appear in the Proceedings of Asiacrypt’ 91, LNCS, Springer-Verlag.
P.L. Montgomery, “Modular Multiplication without Trial Division,” Math. of Computation, Vol. 44, pp.519–521 (1985).
A.J. Menezes, T. Okamoto, S.A. Vanstone, “Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field”, Proceedings of STOC, pp.80–89 (1991).
K. Ohta, and T. Okamoto, “A Modification of the Fiat-Shamir Scheme,” Proceedings of Crypto’ 88, LNCS 403, Springer-Verlag, pp.232–243 (1990).
K. Ohta, and T. Okamoto, “A Digital Multisignature Scheme Based on the Fiat-Shamir Scheme,” to appear in the Proceedings of Asiacrypt’ 91.
T. Okamoto, “A Single Public-Key Authentication Scheme for Multiple Users,” Systems and Computers in Japan, 18,10, pp.14–24 (1987), Previous version, Technical Report of IECE Japan, IN83–92 (1984).
T. Okamoto, and K. Ohta, “Divertible Zero-Knowledge Interactive Proofs and Commutative Random Self-Reducible.” Proceedings of Eurocrypt’ 89, LNCS 434, Springer-Verlag, pp.134–149 (1990).
S.C. Pohlig, and M.E. Hellman, “An Improved Algorithm for Computing Logarithmsover GF (p) and Its Cryptographic Significance,” IEEE Trans. Inform. Theory, 24, pp.106–110 (1978)
R. Rivest, A. Shamir and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Communications of the ACM, Vol. 21, No. 2, pp.120–126 (1978).
C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” Journal of Cryptology, Vol. 4, No. 3, pp.161–174 (1991).
A. Shamir, “Identity-Based Cryptosystems and Signature Scheme,” Proceedings of Crypto’ 84, LNCS 196. Springer-Verlag, pp.47–53 (1986).
K. Sakurai, and T. Itoh, “On the Discrepancy between Serial and Parallel of Zero-Knowledge Protocols,” These proceedings.
M. Tompa and H. Woll, “Random Self-Reducibility and Zero Knowledge Interactive Proofs of Possession of Information,” Proceedings of FOCS, pp.472–482 (1987).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1993 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Okamoto, T. (1993). Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes. In: Brickell, E.F. (eds) Advances in Cryptology — CRYPTO’ 92. CRYPTO 1992. Lecture Notes in Computer Science, vol 740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48071-4_3
Download citation
DOI: https://doi.org/10.1007/3-540-48071-4_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57340-1
Online ISBN: 978-3-540-48071-6
eBook Packages: Springer Book Archive