Message authentication with arbitration of transmitter/receiver disputes

Authors:
Gustavus J. Simmons
Affiliations:
Sandia National Laboratories, Albuquerque, NM
Venue:
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
Year:
1987

Citing 3
Cited 16

Authentication theory/coding theory

Proceedings of CRYPTO 84 on Advances in cryptology
Some constructions and bounds for authentication codes

Proceedings on Advances in cryptology---CRYPTO '86
A Construction for Authentication/Secrecy Codes from Certain Combinatorial Designs

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology

Authentication codes with multiple arbiters

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Characterization of Optimal Authentication Codes with Arbitration

ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
Abritrated Unconditionally Secure Authentication Can Be Unconditionally Protected Against Arbiter's Attacks (Extended Abstract)

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
On the Construction of Perfect Authentication Codes that Permit Arbitration

CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
New Bound on Authentication Code with Arbitration

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Security Notions for Unconditionally Secure Signature Schemes

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Unconditionally Secure Digital Signature Schemes Admitting Transferability

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Bounds for Robust Metering Schemes and Their Relationship with A-code

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Unconditionally Secure Anonymous Encryption and Group Authentication

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient and Unconditionally Secure Digital Signatures and a Security Analysis of a Multireceiver Authentication Code

PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Unconditionally Secure Blind Authentication Codes: The Model, Constructions, and Links to Commitment

Formal to Practical Security
A2-codes from universal hash classes

EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Combinatorial Designs for Authentication and Secrecy Codes

Foundations and Trends in Communications and Information Theory
Combinatorial bounds and characterizations of splitting authentication codes

Cryptography and Communications
Unconditionally secure signature schemes revisited

ICITS'11 Proceedings of the 5th international conference on Information theoretic security
Two new constructions of multi-receiver authentication codes from singular pseudo- symplectic geometry over finite fields

WSEAS Transactions on Mathematics

Quantified Score

Hi-index	0.01

Visualization

Abstract

In the most general model of message authentication, there are four essential participants: a transmitter who observes an information source, such as a coin toss, and wishes to communicate these observations to a remotely located receiver over a publicly exposed, noiseless, communications channel; a receiver who wishes to not only learn the state of the source (as observed by the transmitter) but also to assure himself that the communications (messages) he accepts actually were sent by the transmitter and that no alterations have been made to them subsequent to the transmitter having sent them, and two other parties, the opponent and the arbiter. The opponent wishes to deceive the receiver into accepting a message that will misinform him as to the state of the source. We assume, in accordance with Kerckhoffs' criteria in cryptography, that the opponent is fully knowledgeable of the authentication system and that in addition he is able to both eavesdrop on legitimate communications in the channel and to introduce fraudulent communications of his own choice. We also assume that he has unlimited computing power, i.e., that any computation which can be done in principal can in fact be done in practice. Given this, the opponent can achieve his objective in either of two ways: 1) he can impersonate the transmitter and send a fraudulent message when in fact no message was sent by the transmitter, or 2) he can wait to intercept a legitimate message from the transmitter and substitute in its stead some other message of his own devising.