Advertisement

An Impersonation-Proof Identity Verification Scheme

  • Gustavus J. Simmons
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 293)

Abstract

Most schemes for the verification of personal identity are logically flawed in that they require an individual to exhibit a piece of private, i.e., secret, infor- mation such as a computer access password, a telephone credit card number, a per- sonal identification number (PIN), etc., to prove his identity. The logical problem is that this information, once exhibited, is potentially compromised and. could be used by anyone to undetectably impersonate the legitimate owner. What is needed is a protocol that will allow an individual to “prove” that he knows the secret piece of information, whose possession is equated with his identity, without revealing anything about the information itself which could aid a would-be cheater to imper- sonate him. Several investigators have proposed identification schemes to accom- plish this [ 1 , 2 , 3 , 4 ] that depend on interactive-proof schemes, often referred to as zero-knowledge proofs or ping-pong protocols, in which the individual responds to a series of queries in a way that the legitimate user could, but which an impostor (probably) could not. We describe a simpler identity verification scheme which uses a public authentication channel to validate a private authentication channel belong- ing to the individual who wishes to prove his identity. The public and the private channels can be completely independent and can even be based on different authen- tication algorithms, or they can both be of the same type. This scheme also pro- vides certified receipts for transactions whose legitimacy can later be verified by impartial arbiters who were not involved in the transaction itself.

Keywords

Sandia National Laboratory Legitimate User Forward Search Propose Identification Scheme Legitimate Owner 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    A. Fiat and A. Shamir, “How to prove yourself: practical solutions to identification and signature problems,” Proceedings of Crypto-86, Santa Barbara, August 1986, pp. 1–13.Google Scholar
  2. 2.
    A. Shamir, “Identity-based cryptosystems and signature schemes,” Proceedings of Crypto’84, Santa Barbara, August 1984, pp. 47–53.Google Scholar
  3. 3.
    O. Goldreich, S. Hicali and A. Wigderson, “Proofs that yield nothing but the validity of the assertion and the methodology of cryptographic protocol design,” Submitted to 27th Symposium on Foundations of Computer Science, November 1986.Google Scholar
  4. 4.
    E. Okamoto, “Proposal for identity-based key distribution systems,” Electronics Letters, Vol. 22, No. 24 (Nov. 20, 1986), pp. 1283–1284.CrossRefGoogle Scholar
  5. 5.
    G. J. Simmons and D. B. Holdridge, “Forward search as a cryptanalytic tool against a public key privacy channel,” Proceedings of the IEEE Computer Society 1982 Symposium on Security and Privacy, Oakland, CA, April 26–28, 1982, pp. 117–128.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1988

Authors and Affiliations

  • Gustavus J. Simmons
    • 1
  1. 1.Sandia National LaboratoriesAlbuquerque

Personalised recommendations