Abstract
At EUROCRYPT’88, we introduced an interactive zero-knowledge protocol (Guillou and Quisquater [13]) fitted to the authentication of tamper-resistant devices (e.g. smart cards, Guillou and Ugon [14]).
Each security device stores its secret authentication number, an RSA-like signature computed by an authority from the device identity. Any transaction between a tamper-resistant security device and a verifier is limited to a single interaction: the device sends its identity and a random test number; the verifier then sends a random large question; and finally the device answers with a witness number. The transaction is successful when the test number is reconstructed from the witness number, the question and the identity, according to numbers published by the authority and to rules of redundancy that may be standardized.
This protocol allows cooperation between users in such a way that a group of cooperating users looks like a new entity whose shadowed identity is the product of the individual shadowed identities, while each member reveals nothing about its own secret.
In another scenario, the secret is partitioned between distinct devices sharing the same identity. A group of cooperating users then looks like a single user having a larger public exponent, namely the least common multiple of the individual exponents.
In this paper, additional features are introduced in order to provide, firstly, mutual interactive authentication of both communicating entities and of previously exchanged messages, and, secondly, a digital signature of messages by a non-interactive zero-knowledge protocol. The problem of multiple signatures is solved here in an elegant way thanks to the possibilities of cooperation between users.
The only secret key is the factorization of the composite number chosen by the authority, which delivers one authentication number to each smart card. This key is not known by the user. At the user level, such a scheme may be considered a keyless identity-based integrity scheme. This integrity scheme has a new and important property: it cannot be misused, i.e. turned into a confidentiality scheme.
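The exchange described in the abstract, as an added worked example in Python that is not code from the paper: a toy authority holding the only secret key (the factors of n) issues to each card an authentication number B with J·B^v ≡ 1 (mod n); the card sends the test number T = r^v, answers the question d with the witness D = r·B^d, and the verifier reconstructs T as D^v·J^d from public numbers only. The same block shows several cards cooperating as one entity whose shadowed identity is the product of the individual ones, the non-interactive signature in which the question is a hash of the test number and the message, and a multiple signature produced by a group. The primes, the exponent, the identity strings, the message and the counter-based redundancy rule for J are constructed assumptions for this example; the primes are well-known Mersenne primes, so n is trivially factored and nothing here is secure.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy parameters (assumption): well-known Mersenne primes, so n is
# trivially factored and nothing here is secure; only the arithmetic matters.
P = (1 << 61) - 1   # authority's secret prime p (public here, on purpose)
Q = (1 << 89) - 1   # authority's secret prime q
V = (1 << 31) - 1   # public exponent v, prime and coprime to (P-1)(Q-1)


def _product(values, n):
    out = 1
    for x in values:
        out = out * x % n
    return out


class Authority:
    """Holds the only secret key of the scheme: the factors of n."""

    def __init__(self, p, q, v):
        self.n, self.v = p * q, v
        phi = (p - 1) * (q - 1)
        if gcd(v, phi) != 1:
            raise ValueError("v must be coprime to phi(n)")
        self._s = pow(v, -1, phi)  # RSA-like private exponent 1/v mod phi

    def shadow_identity(self, identity):
        """Redundant identity J (stand-in for standardized redundancy rules):
        hash the identity with a counter until the result is a unit mod n."""
        counter = 0
        while True:
            digest = hashlib.sha256(identity + counter.to_bytes(4, "big")).digest()
            j = int.from_bytes(digest, "big") % self.n
            if j > 1 and gcd(j, self.n) == 1:
                return j
            counter += 1

    def issue(self, identity):
        """Return (J, B) with J * B^v == 1 (mod n); B is the card's secret."""
        j = self.shadow_identity(identity)
        return j, pow(pow(j, -1, self.n), self._s, self.n)


class Device:
    """Tamper-resistant card: stores B, never learns p or q."""

    def __init__(self, J, B, n, v):
        self.J, self.B, self.n, self.v, self._r = J, B, n, v, None

    def commit(self):
        """Step 1: choose random r, send the test number T = r^v mod n."""
        self._r = secrets.randbelow(self.n - 2) + 2
        return pow(self._r, self.v, self.n)

    def respond(self, d):
        """Step 3: answer question d in [0, v-1] with witness D = r * B^d mod n."""
        if not 0 <= d < self.v:
            raise ValueError("question out of range")
        return self._r * pow(self.B, d, self.n) % self.n


class Group:
    """Cooperating cards act as one entity with identity prod(J_i); the test
    and witness numbers are the products of the individual ones."""

    def __init__(self, devices, n, v):
        self.devices, self.n, self.v = devices, n, v
        self.J = _product((dev.J for dev in devices), n)

    def commit(self):
        return _product((dev.commit() for dev in self.devices), self.n)

    def respond(self, d):
        return _product((dev.respond(d) for dev in self.devices), self.n)


def verify(T, d, D, J, n, v):
    """Verifier's check from public data only: T == D^v * J^d (mod n)."""
    return T == pow(D, v, n) * pow(J, d, n) % n


def question_from(T, message, n, v):
    """Non-interactive variant: the question is a hash of T and the message."""
    width = (n.bit_length() + 7) // 8
    h = hashlib.sha256(T.to_bytes(width, "big") + message).digest()
    return int.from_bytes(h, "big") % v


def sign(prover, message):
    """Signature (d, D); a Group prover yields the multiple signature."""
    T = prover.commit()
    d = question_from(T, message, prover.n, prover.v)
    return d, prover.respond(d)


def verify_signature(J, message, signature, n, v):
    d, D = signature
    T = pow(D, v, n) * pow(J, d, n) % n  # reconstruct the test number
    return d == question_from(T, message, n, v)


def demo():
    """Run each flow once with constructed identities and message."""
    auth = Authority(P, Q, V)
    n, v = auth.n, auth.v
    cards = [Device(*auth.issue(name), n, v) for name in (b"card-A", b"card-B", b"card-C")]
    a, grp = cards[0], Group(cards, n, v)
    T, d = a.commit(), secrets.randbelow(v)
    single = verify(T, d, a.respond(d), a.J, n, v)
    # Wrong secret: x -> x^v is a bijection mod n, so with d = 1 this always fails.
    fake = Device(a.J, (a.B + 1) % n, n, v)
    impostor = verify(fake.commit(), 1, fake.respond(1), a.J, n, v)
    T, d = grp.commit(), secrets.randbelow(v)
    group = verify(T, d, grp.respond(d), grp.J, n, v)
    msg = b"transfer 100 to account 42"
    sig, multi = sign(a, msg), sign(grp, msg)
    return {
        "single": single, "impostor": impostor, "group": group,
        "signature": verify_signature(a.J, msg, sig, n, v),
        "tampered": verify_signature(a.J, msg + b"0", sig, n, v),
        "multi_signature": verify_signature(grp.J, msg, multi, n, v),
    }
```

The range check on the question matters on both sides: with d = v the verifier's equation becomes (D·J)^v = T, which anyone can satisfy with D = r·J^(-1) since J is public, so a verifier must never issue, and a signature verifier must never accept, a question outside [0, v-1]. With the toy exponent above a single interactive round still leaves an impostor a 1/v chance of guessing the question; the paper's rules of redundancy and parameter sizes, not this sketch, fix that margin.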
References
[1] Gilles Brassard, David Chaum and Claude Crépeau, Minimum disclosure proofs of knowledge, July 1987.
[2] David Chaum, Security without identification: transaction systems to make Big Brother obsolete, Comm. of the ACM, 28, Oct. 1985, pp. 1030–1044.
[3] Ivan Bjerre Damgård, Collision-free hash functions and public-key signature schemes, EUROCRYPT'87, to appear.
[4] Yvo Desmedt and Jean-Jacques Quisquater, Public-key systems based on the difficulty of tampering, Advances in Cryptology, Proceedings of CRYPTO'86, Lecture Notes in Computer Science, No. 263, Springer-Verlag, pp. 186–194.
[5] Amos Fiat and Adi Shamir, How to prove yourself: practical solutions to identification and signature problems, Advances in Cryptology, Proceedings of CRYPTO'86, Lecture Notes in Computer Science, No. 263, Springer-Verlag, pp. 186–194, 1987.
[6] Amos Fiat and Adi Shamir, Unforgeable proofs of identity, 5th SECURICOM, Paris, 1987, pp. 147–153.
[7] Oded Goldreich, Shafi Goldwasser and Silvio Micali, How to construct random functions, 25th IEEE Symposium on Foundations of Computer Science, 1984, pp. 464–479.
[8] Shafi Goldwasser, Silvio Micali and Charles Rackoff, The knowledge complexity of interactive proof systems, 17th ACM Symposium on Theory of Computing, 1985, pp. 291–304.
[9] Shafi Goldwasser, Silvio Micali and Ronald Rivest, A "paradoxical" solution to the signature problem, 25th IEEE Symposium on Foundations of Computer Science, 1984, pp. 441–448.
[10] Oded Goldreich, Silvio Micali and Avi Wigderson, Proofs that yield nothing but the validity of the proof, Workshop on Probabilistic Algorithms, Marseille, March 1986.
[11] Louis C. Guillou and Jean-Jacques Quisquater, Efficient digital public-key signatures with shadow, Advances in Cryptology, Proceedings of CRYPTO'87, Lecture Notes in Computer Science, No. 293, Springer-Verlag, p. 223.
[12] Louis C. Guillou, Marc Davio and Jean-Jacques Quisquater, Public-key techniques, Cryptologia, to appear.
[13] Louis C. Guillou and Jean-Jacques Quisquater, A practical zero-knowledge protocol fitted to security microprocessors minimizing both transmission and memory, EUROCRYPT'88, to appear.
[14] Louis C. Guillou and Michel Ugon, Smart card: a highly reliable and portable security device, Advances in Cryptology, Proceedings of CRYPTO'86, Lecture Notes in Computer Science, No. 263, Springer-Verlag, pp. 464–479.
[15] Jean-Jacques Quisquater, Secret distribution of keys for public-key systems, Advances in Cryptology, Proceedings of CRYPTO'87, Lecture Notes in Computer Science, No. 293, Springer-Verlag, pp. 203–208, 1987.
[16] Ronald Rivest, Adi Shamir and Leonard Adleman, A method for obtaining digital signatures and public-key cryptosystems, Comm. of the ACM, 21, Feb. 1978, pp. 120–126.
[17] Adi Shamir, Identity-based cryptosystems and signature schemes, Advances in Cryptology, Proceedings of CRYPTO'84, Lecture Notes in Computer Science, No. 196, Springer-Verlag, pp. 47–53, 1985.
[18] H. C. Williams, A modification of the RSA public-key cryptosystem, IEEE Trans. on Information Theory, IT-26, Nov. 1980, pp. 726–729.
© 1990 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Guillou, L.C., Quisquater, J.J. (1990). A "Paradoxical" Identity-Based Signature Scheme Resulting from Zero-Knowledge. In: Goldwasser, S. (ed.) Advances in Cryptology — CRYPTO'88. CRYPTO 1988. Lecture Notes in Computer Science, vol 403. Springer, New York, NY. https://doi.org/10.1007/0-387-34799-2_16
DOI: https://doi.org/10.1007/0-387-34799-2_16
Publisher Name: Springer, New York, NY
Print ISBN: 978-0-387-97196-4
Online ISBN: 978-0-387-34799-8