Zero-knowledge proofs of identity
Journal of Cryptology
Witness indistinguishable and witness hiding protocols
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
An interactive identification scheme based on discrete logarithms and factoring (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A Modification of the Fiat-Shamir Scheme
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Hi-index | 0.00 |
The security bounds we will define and discuss in this paper is an universal security measure for parallel versions of identification protocols. From this bound we can judge which of the security measures defined in [FFS], [FeS], [OO] are satisfied. The bounds are controllable in the sense that they are connected with a security parameter. When the bound is a "sharp-threshold" security bound, it is tight enough to describe the security of the protocol precisely, Using this bound, we discuss the generalized Fiat-Shamir identification scheme ID(L,k,t,n) which is defined in [CDL]. Under the assumption that there is no polynomial time algorithm of factoring, the parallel version of the scheme is secure in the sense that even cheating verifier B can get some information from the interacting with the prover, the information he get is absolutely useless for cheating.