Special Uses and Abuses of the Fiat-Shamir Passport Protocol (extended abstract)
- Cite this paper as:
- Desmedt Y., Goutier C., Bengio S. (1988) Special Uses and Abuses of the Fiat-Shamir Passport Protocol (extended abstract). In: Pomerance C. (eds) Advances in Cryptology — CRYPTO ’87. CRYPTO 1987. Lecture Notes in Computer Science, vol 293. Springer, Berlin, Heidelberg
If the physical description of a person would be unique and adequately used and tested, then the security of the Fiat-Shamir scheme is not based on zero-knowledge. Otherwise some new frauds exist. The Feige-Fiat-Shamir scheme always suffers from these bauds. Using an extended notion of subliminal channels, several other undetectable abuses of the Fiat-Shamir protocol, which are not possible with ordinary passports, are discussed. This technique can be used by a terrorist sponsoring country to communicate 500 new words of secret information each time a tourist passport is verified. A non-trivial solution to avoid these subliminal channel problems is presented. The notion of relative zero-knowledge is introduced.