Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Public-key systems based on the difficulty of tampering (Is there a difference between DES and RSA?)
Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Smart card, a highly reliable and portable security device
Proceedings on Advances in cryptology---CRYPTO '86
Minimum disclosure proofs of knowledge
Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Secret Distribution of Keys for Public-Key Systems
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Efficient Digital Public-Key Signature with Shadow (Abstract)
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
How To Construct Randolli Functions
SFCS '84 Proceedings of the 25th Annual Symposium onFoundations of Computer Science, 1984
CRYPTO '89 Proceedings on Advances in cryptology
Accountability in Electronic Commerce Protocols
IEEE Transactions on Software Engineering
New blind signatures equivalent to factorization (extended abstract)
Proceedings of the 4th ACM conference on Computer and communications security
On the fly signatures based on factoring
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Efficient verifiable encryption (and fair exchange) of digital signatures
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
An identity-based society oriented signature scheme with anonymous signers
Information Processing Letters
Proxy signature schemes based on factoring
Information Processing Letters
Playing Lottery on the Internet
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Robust ID-based threshold signcryption scheme from pairings
InfoSecu '04 Proceedings of the 3rd international conference on Information security
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Hi-index | 0.00 |
At EUROCRYPT'88, we introduced an interactive zero-knowledge protocol (Guillou and Quisquater [13]) fitted to the authentication of tamper-resistant devices (e.g. smart cards, Guillou and Ugon [14]).Each security device stores its secret authentication number, an RSA-like signature computed by an authority from the device identity. Any transaction between a tamper-resistant security device and a verifier is limited to a unique interaction: the device sends its identity and a random test number, then the verifier tells a random large question; and finally the device answers by a witness number. The transaction is successful when the test number is reconstructed from the witness number, the question and the identity according to numbers published by the authority and rules of redundancy possibly standardized.This protocol allows a cooperation between users in such a way that a group of cooperative users looks like a new entity, having a shadowed identity the product of the individual shadowed identities, while each member reveals nothing about its secret.In another scenario, the secret is partitioned between distinct devices sharing the same identity. A group of cooperative users looks like a unique user having a larger public exponent which is the greater common multiple of each individual exponent.In this paper, additional features are introduced in order to provide: firstly, a mutual interactive authentication of both communicating entities and previously exchanged messages, and, secondly, a digital signature of messages, with a non-interactive zero-knowledge protocol. The problem of multiple signature is solved here in a very smart way due to the possibilities of cooperation between users.The only secret key is the factors of the composite number chosen by the authority delivering one authentication number to each smart card. This key is not known by the user. At the user level, such a scheme may be considered as a keyless identity-based integrity scheme. This integrity has anew and important property: it cannot be misused, i.e. derived into a confidentiality scheme.