Abstract
The security bounds we will define and discuss in this paper is an universal security measure for parallel versions of identification protocols. From this bound we can judge which of the security measures defined in [FFS],[FeS],[OO] are satisfied. The bounds are controllable in the sense that they are connected with a security parameter. When the bound is a “sharp-threshold” security bound, it is tight enough to describe the security of the protocol precisely. Using this bound, we discuss the generalized Fiat-Shamir identification scheme ID(L,k,t,n) which is defined in [CDL]. Under the assumption that there is no polynomial time algorithm of factoring, the parallel version of the scheme is secure in the sense that even cheating verifier B can get some information from the interacting with the prover, the information he get is absolutely useless for cheating.
Cite
CITATION STYLE
Chen, L., & Damgård, I. (1993). Security bounds for parallel versions of identification protocols. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 658 LNCS, pp. 461–466). Springer Verlag. https://doi.org/10.1007/3-540-47555-9_40
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
