An Interactive Identification Scheme Based on Discrete Logarithms and Factoring

Extended Abstract
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 473)


We describe a modification of an interactive identification scheme of Schnorr intended for use by smart cards. Schnorr’s original scheme had its security based on the difficulty of computing discrete logarithms. The modification that we present here will remain secure if either of two computational problems is infeasible, namely factoring a large integer and computing a discrete logarithm. For this enhanced security we require somewhat more communication and computational power, but the requirements remain quite modest, so that the scheme is well suited for use in smart cards.


Smart Card Signature Scheme Discrete Logarithm Discrete Logarithm Problem Correct Output 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [1]
    Thomas Beth, “Efficient zero-knowledge identification scheme for smart cards,” Advances in Cryptology (Proceedings of Eurocrypt’ 88), Lecture Notes in Computer Science 330 (1989), 77–84.CrossRefGoogle Scholar
  2. [2]
    David Chaum, Jan-Hendrik Evertse, Jeroen van de Graaf, and René Peralta, “Demonstrating possession of a discrete logarithm without revealing it,” Advances in Cryptology (Proceedings of Eurocrypt’ 86) Lecture Notes in Computer Science 263 (1987), 200–212.CrossRefGoogle Scholar
  3. [3]
    David Chaum, Jan-Hendrik Evertse, and Jeroen van de Graaf, “An improved protocol for demonstrating possession of discrete logarithms and some generalizations,” Advances in Cryptology (Proceedings of Eurocrypt’ 87) Lecture Notes in Computer Science 304 (1988), 127–141.CrossRefGoogle Scholar
  4. [4]
    Yvo Desmedt, Claude Goutier, and Samy Bengio, “Special uses and abuses of the Fiat-Shamir passport protocol,” Advances in Cryptology (Proceedings of Crypto’ 87) Lecture Notes in Computer Science 293 (1988), 21–39.Google Scholar
  5. [5]
    A. K. Lenstra, H. W. Lenstra, Jr., M. S. Manasse, and J. M. Pollard, “The Number Field Sieve”, Proceedings of the 22nd ACM Symposium on Theory of Computing, Association for Computing Machinery, New York, 1990, 564–572.Google Scholar
  6. [6]
    Arjen K. Lenstra and Mark S. Manasse, Factoring by Electronic Mail, Proceedings of Eurocrypt’ 89, Lecture Notes in Computer Science, to appear.Google Scholar
  7. [7]
    Kevin S. McCurley, A Key Distribution System Equivalent to Factoring, Journal of Cryptology 1 (1988), 95–105.MathSciNetzbMATHCrossRefGoogle Scholar
  8. [8]
    J. M. Pollard, “Monte Carlo Methods for Index Computation mod p,” Mathematics of Computation 32 (1978), 918–924.MathSciNetzbMATHGoogle Scholar
  9. [9]
    C.P. Schnorr, Efficient Identification and Signatures for Smart Cards, Proceedings of Crypto’ 89, Lecture Notes in Computer Science, to appear.Google Scholar
  10. [10]
    Samuel S. Wagstaff, Jr., Greatest of the Least Primes in Arithmetic Progressions Having a Given Modulus, Mathematics of Computation 33 (1979), 1073–1080.MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  1. 1.Sandia National LaboratoriesAlbuquerque

Personalised recommendations