A (non-practical) three-pass identification protocol using coding theory
At EUROCRYPT'89, Stern has presented an identification scheme whose security is based on general linear decoding problem, which is NP-hard. The number of passes of the protocol he designed is five. In this paper, we propose an alternative protocol which works with only three passes and is much simpler to describe (that is the good news) but which is not practical (the bad news).
KeywordsSignature Scheme Permutation Matrix Code Theory Goppa Code Complete Nature
Unable to display preview. Download preview PDF.
- [BMT]E.R. Berlekamp, R.J. McEliece and H.C.A. van Tilborg, "On the inherent intractability of certain coding problems", IEEE Trans. Inform. Theory, vol.IT-24, pp. 384–386, May 1978.Google Scholar
- [DG]J.L. Duras and M. Girault, "Etude et implémentation d'algorithmes d'authentification basés sur les codes correcteurs d'erreurs", Technical report, SEPT, 1989.Google Scholar
- [FS]A. Fiat and A. Shamir, "How to prove yourself: Practical solutions to identification and signature problems", Proc. of CRYPTO '86.Google Scholar
- [Gi]M. Girault, "Other protocols for Shamir's identification scheme", in preparation.Google Scholar
- [Ha]S. Harari, "Un algorithme d'authentification sans transfert d'information", Proc. of Trois journées sur le codage, Toulon, France, 1988.Google Scholar
- [Mc]R. J. Mac Eliece, "A public-key cryptosystem based on algebraic coding theory", DSN Progress Report, Jet Propulsion Laboratory, CA, Jan. & Feb. 1978, pp. 42–44.Google Scholar
- [Sh]A. Shamir, "An efficient identification scheme based on permuted kernels", extended abstract presented at CRYPTO'89 rump session, Proc. to appear.Google Scholar
- [St1]J. Stern, "An alternative to the Fiat-Shamir protocol", EUROCRYPT'89, Proc. to appear.Google Scholar
- [St2]J. Stern, "A method for finding codewords of small weight", Proc. of Trois journées sur le codage, Toulon, France, 1988.Google Scholar