Zero-Knowledge Authentication Scheme with Secret Key Exchange

Abstract. In this paper we formally define proof systems for functions and develop an example of such a proof with a constant number of rounds, which we modify (at no extra communication cost) into an identification scheme with secret key exchange for subsequent conventional encryption. Implemented on a standard 32-bit chip or similar, the whole protocol, which involves mutual identification of two users, exchange of a random common secret key, and verification of certificates for the public keys (RSA, 512 bits), takes less than 3/4 of a second.
