Discrete Logarithm Based Protocols

The Exponential Security System (TESS) developed at the European Institute for System Security is the result of an attempt to increase the security in heterogenous computer networks. In this paper we present the cryptographic protocols in the kernel of TESS. We show how they can be used to implement access control, authentication, confidentiality protection, key exchange, digital signatures and distributed network security management. We also look at the compatibility of TESS with existing standards, like the X.509 Directory Authentication Framework, and compare it to established systems like Kerberos. A comparison of TESS with the non-electronic "paper"-world of authentication and data exchange shows strong parallels. Finally we give a short overview of the current state of development and availability of different TESS components.

[1]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[2]  Martin E. Hellman,et al.  An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[3]  David Chaum,et al.  An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations , 1987, EUROCRYPT.

[4]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[5]  Marc Girault,et al.  Self-Certified Public Keys , 1991, EUROCRYPT.

[6]  Adi Shamir,et al.  How to expose an eavesdropper , 1984, CACM.

[7]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[8]  Hans-Joachim Knobloch,et al.  How to Keep Authenticity Alive in a Computer Network , 1990, EUROCRYPT.

[9]  Andrew M. Odlyzko,et al.  Discrete Logarithms in Finite Fields and Their Cryptographic Significance , 1985, EUROCRYPT.

[10]  S. Vanstone,et al.  Improved digital signature scheme based on discrete exponentiation , 1990 .

[11]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[12]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[13]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[14]  Thomas Beth,et al.  Efficient Zero-Knowledge Identification Scheme for Smart Cards , 1988, EUROCRYPT.