Efficient signature schemes based on polynomial equations
Proceedings of CRYPTO 84 on Advances in cryptology
The subliminal channel and digital signatures
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
An efficient solution of the congruence x2+ky2=m (modn)
IEEE Transactions on Information Theory
Using encryption for authentication in large networks of computers
Communications of the ACM
A high security log-in procedure
Communications of the ACM
Time Sharing Computer Systems
An Attack on a Signature Scheme Proposed by Okamoto and Shiraishi
CRYPTO '85 Advances in Cryptology
A Secure Subliminal Channel (?)
CRYPTO '85 Advances in Cryptology
An Impersonation-Proof Identity Verfication Scheme
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
A Simple and Secure Way to Show the Validity of Your Public Key
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
An efficient signature scheme based on quadratic equations
STOC '84 Proceedings of the sixteenth annual ACM symposium on Theory of computing
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
Receipt management- transaction history based trust establishment
Proceedings of the 2007 ACM workshop on Digital identity management
Research note: Group commitment protocol based on zero knowledge proofs
Computer Communications
Veracity, plausibility, and reputation
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Hi-index | 0.00 |
There are two equally important, related, functions involved in the control of assets and resources. One of these is the verification of a potential user's identity and authority to use or have access to those assets. The other is to provide a record (receipt) of each access so that in the event of a later dispute as to whether an illegitimate use was made of the assets, or of the extent of the liability incurred in a legitimate use, etc., the authenticity and specifics of the access can be demonstrated in a logically compelling (and hence eventually legally binding) manner to an impartial third party or arbiter. Elaborate, and legally accepted, document based protocols to accomplish these functions are central to all commercial and private transactions. When the resources are remotely accessible, however, as in the case of computer data files, electronic funds transfers (EFT), automated bank tellers, and even in many manned point-of-sale systems, no satisfactory counterpart to the established document based protocols for verifying individual identity and/or authority to use a resource have been found, nor has a fully satisfactory means been devised to provide unforgeable transaction receipts. In this paper, we show how a public authentication channel can be used to certify private (user unique) authentication channels in a protocol that both "proves" a potential user's identity and authority and also provides certified receipts for transactions whose legitimacy can later be verified by impartial arbiters who did not have to be parties to the original transaction.We also introduce an authentication scheme to be used in this application based on the legitimate originator of information being able to extract square roots modulo n - pq, where p and q are primes of a special form. We show that these protocols provide a zero-knowledge proof of identity and of veracity transaction receipts, and that they are therefore very secure. We also show how the legitimate owner of the authentication channel can give a zero-knowledge proof that the modulus n has the correct form, thereby eliminating the possibility of the existence of several known subliminal channels.