Discrete Logarithm Based Protocols

  • Patrick Horster
  • Hans-Joachim Knobloch
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 547)


The Exponential Security System (TESS) developed at the European Institute for System Security is the result of an attempt to increase the security in heterogenous computer networks.

In this paper we present the cryptographic protocols in the kernel of TESS. We show how they can be used to implement access control, authentication, confidentiality protection, key exchange, digital signatures and distributed network security management.

We also look at the compatibility of TESS with existing standards, like the X.509 Directory Authentication Framework, and compare it to established systems like Kerberos. A comparison of TESS with the non-electronic “paper”-world of authentication and data exchange shows strong parallels.

Finally we give a short overview of the current state of development and availability of different TESS components.


Smart Card Signature Scheme Discrete Logarithm Certification Authority Cryptographic Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AgMV90]
    G. B. Agnew, R. C. Mullin, S. A. Vanstone, Improved digital signature scheme based on discrete exponentiation, Electronics Letters 26, 1990, pp. 1024–1025.CrossRefGoogle Scholar
  2. [BaKn89]
    F. Bauspieß, H.-J. Knobloch, How to Keep Authenticity Alive in a Computer Network, Adv. in Cryptology-EUROCRYPT’ 89, Springer, Berlin 1990, pp. 38–46.Google Scholar
  3. [Baus90]
    F. Bauspieß, SELANE-An Approach to Secure Networks, Abstracts of SECURICOM’ 90, Paris 1990.Google Scholar
  4. [Beth88]
    Th. Beth, Zero-Knowledge Identification Scheme for Smart Cards, Adv. in Cryptology-EUROCRYPT’ 88, Springer, Berlin 1988, pp. 77–84.CrossRefGoogle Scholar
  5. [CCIT88]
    CCITT, Recommendation X.509: The Directory-Authentication Framework, Blue Book-Melbourne 1988, Fascicle VIII.8: Data communication networks: directory, International Telecommunication Union, Geneva 1989, pp. 48–81.Google Scholar
  6. [ChEG87]
    D. Chaum, J. H. Evertse, J. van de Graaf, An Improved Protocol for Demonstrating Possession of Discrete Logarithms and some Generalizations, Adv. in Cryptology-EUROCRYPT’ 87, Springer, Berlin 1988, pp. 127–141.Google Scholar
  7. [DiHe76]
    W. Diffie, M. E. Hellman, New Directions in Cryptography, IEEE Trans. on Information Theory 22, 1976, pp. 644–654.zbMATHCrossRefMathSciNetGoogle Scholar
  8. [Elga85]
    T. ElGamal, A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, IEEE Trans. on Information Theory 31, 1985, pp. 469–472.zbMATHCrossRefMathSciNetGoogle Scholar
  9. [Gira91]
    M. Girault, Self-Certified Public Keys, Adv. in Cryptology-EUROCRYPT’ 91, this volume.Google Scholar
  10. [Günt89]
    C. G. Günther, Diffie-Hellman and El-Gamal Protocols with One Single Authentication Key, Adv. in Cryptology-EUROCRYPT’ 89, Springer, Verlin 1990, pp. 29–37.Google Scholar
  11. [HoKn91]
    P. Horster, H.-J. Knobloch, Protocols for Secure Networks, Abstracts of SECURICOM’ 91, Paris 1991.Google Scholar
  12. [Kobl87]
    N. Koblitz, Elliptic Curve Cryptosystems, Math. of Computation 48, 1987, pp. 203–209.zbMATHCrossRefMathSciNetGoogle Scholar
  13. [MNSS87]
    S. P. Miller, B. C. Neuman, J. I. Schiller, J. H. Saltzer, Section E.2.1: Kerberos Authentication and Authorization System, MIT Project Athena, Cambridge, Ma., 1987.Google Scholar
  14. [NeSc78]
    R. M. Needham, M. D. Schroeder, Using Encryption for Authentication in Large Networks of Computers, Comm. of the ACM 21, 1978, pp. 993–999.zbMATHCrossRefGoogle Scholar
  15. [Odly84]
    A. M. Odlyzko, Discrete Logarithms in Finite Fields and their Cryptographic Significance, Adv. in Cryptology-EUROCRYPT’ 84, Springer, Berlin 1985, pp. 224–314.Google Scholar
  16. [PoHe78]
    S. C. Pohlig, M. E. Hellman, Am Improved Algorithm for Computing Logarithms Over GF(p) and its Cryptographic Significance, IEEE Trans. on Information Theory 24, 1978, pp. 106–110.zbMATHCrossRefMathSciNetGoogle Scholar
  17. [RiSA78]
    R. L. Rivest, A. Shamir, L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, Comm. of the ACM 21, 1978, pp. 120–126.zbMATHCrossRefMathSciNetGoogle Scholar
  18. [RiSh84]
    R. L. Rivest, A. Shamir, How to Expose an Eavesdropper, Comm. of the ACM 27, 1984, pp. 393–395.CrossRefGoogle Scholar
  19. [Schn89]
    C. P. Schnorr, Efficient Identification and Signatures for Smart Cards, Adv. in Cryptology-CRYPTO’ 89, Springer, Berlin 1990, pp. 239–251.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Patrick Horster
    • 1
  • Hans-Joachim Knobloch
    • 1
  1. 1.European Institute for System SecurityUniversity of KarlsruheKarlsruhe 1FR Germany

Personalised recommendations