Many interactive identification schemes based on the zero-knowledge concept use cryptographic hash-values, either in their basic design or in specific variants. In this paper, we first show that 64-bit hash-values, a length often suggested, definitely decrease the level of security of all these schemes. (Of course, this does not compromise the security of the schemes by themselves.) Then we prove that collision-resistance is a sufficient condition to achieve the claimed level of security. Finally, by using a weaker notion of collision-resistance, we present interesting variants of some of these schemes (in particular the Schnorr and the Guillou-Quisquater schemes) which minimize the number of communication bits for a given level of security.