Cryptanalysis of a Zero-Knowledge Identification Protocol of Eurocrypt ‘95

  • Jean-Sébastien Coron
  • David Naccache
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2964)


We present a cryptanalysis of a zero-knowledge identification protocol introduced by Naccache et al. at Eurocrypt ‘95. Our cryptanalysis enables a polynomial-time attacker to pass the identification protocol with probability one, without knowing the private key.


Zero-knowledge Fiat-Shamir Identification Protocol 


  1. 1.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  2. 2.
    Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. In: Proceedings of the 17th Annual ACM Symposium on Theory of Computing, pp. 291–304 (1985)Google Scholar
  3. 3.
    Naccache, D.: Method, sender apparatus and receiver apparatus for modulo operation, European patent application no. 91402958.2, November 5 (1991)Google Scholar
  4. 4.
    Naccache, D., MRaihi, D., Wolfowicz, W., di Porto, A.: Are Crypto-Accelrators really inevitable? 20 bit zero-knowledge in less than a second on simple 8-bit microcontrollers. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 404–409. Springer, Heidelberg (1995)Google Scholar
  5. 5.
    Shamir, A.: Memory efficient variants of public-key schems for smart-card applications. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 445–449. Springer, Heidelberg (1995)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Jean-Sébastien Coron
    • 1
  • David Naccache
    • 1
  1. 1.Gemplus Card InternationalIssy-les-MoulineauxFrance

Personalised recommendations