Abstract
There are two equally important and related functions involved in the control of assets and resources. One is the verification of a potential user’s identity and authority to use or have access to those assets. The other is to provide a record (receipt) of each access so that, in the event of a later dispute as to whether an illegitimate use was made of the assets, or as to the extent of the liability incurred in a legitimate use, etc., the authenticity and specifics of the access can be demonstrated in a logically compelling (and hence eventually legally binding) manner to an impartial third party or arbiter. Elaborate, and legally accepted, document-based protocols to accomplish these functions are central to all commercial and private transactions. When the resources are remotely accessible, however, as in the case of computer data files, electronic funds transfers (EFT), automated bank tellers, and even many manned point-of-sale systems, no satisfactory counterpart to the established document-based protocols for verifying individual identity and/or authority to use a resource has been found, nor has a fully satisfactory means been devised to provide unforgeable transaction receipts. In this paper, we show how a public authentication channel can be used to certify private (user-unique) authentication channels in a protocol that both “proves” a potential user’s identity and authority and also provides certified receipts for transactions whose legitimacy can later be verified by impartial arbiters who did not have to be parties to the original transaction.
We also introduce an authentication scheme to be used in this application, based on the legitimate originator of information being able to extract square roots modulo n = pq, where p and q are primes of a special form. We show that these protocols provide a zero-knowledge proof of identity and of the veracity of transaction receipts, and that they are therefore very secure. We also show how the legitimate owner of the authentication channel can give a zero-knowledge proof that the modulus n has the correct form, thereby eliminating the possibility of the existence of several known subliminal channels.
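As an added illustration (not code from the paper), the following Python shows the square-root capability the abstract refers to: whoever holds the factors p and q of n can compute square roots modulo n, while a verifier holding only n can check a claimed root by squaring it. Assumptions: the “special form” of the primes is taken here to be p ≡ q ≡ 3 (mod 4), and the sample primes are small constructed values.

```python
# Added example, not the paper's own code: square-root extraction modulo
# n = p*q, the capability the abstract attributes to the legitimate originator.
# Assumption: "primes of a special form" is read here as Blum primes
# (p ≡ q ≡ 3 mod 4), for which a root is one modular exponentiation.
# Knowing p and q is what makes roots computable; a verifier holding only n
# can merely square the answer. The primes used are small constructed values.

def modinv(a, m):
    """Modular inverse of a modulo m (pow with exponent -1 needs Python 3.8+)."""
    return pow(a, -1, m)

def sqrt_mod_blum_prime(a, p):
    """A square root of a modulo a prime p ≡ 3 (mod 4).
    Raises ValueError if a is not a quadratic residue modulo p."""
    if p % 4 != 3:
        raise ValueError("p must be congruent to 3 mod 4")
    r = pow(a, (p + 1) // 4, p)
    if (r * r) % p != a % p:
        raise ValueError("not a quadratic residue modulo p")
    return r

def sqrt_mod_n(a, p, q):
    """All four square roots of a modulo n = p*q, recombined with the CRT.
    Only a party holding p and q can run this."""
    n = p * q
    rp = sqrt_mod_blum_prime(a % p, p)
    rq = sqrt_mod_blum_prime(a % q, q)
    q_inv_p = modinv(q, p)   # q * q_inv_p ≡ 1 (mod p)
    p_inv_q = modinv(p, q)   # p * p_inv_q ≡ 1 (mod q)
    roots = set()
    for sp in (rp, (p - rp) % p):
        for sq in (rq, (q - rq) % q):
            roots.add((sp * q * q_inv_p + sq * p * p_inv_q) % n)
    return sorted(roots)

def respond(challenge, p, q):
    """Key holder's reply to a challenge that is a residue mod n: one root."""
    return sqrt_mod_n(challenge, p, q)[0]

def verify_root(x, a, n):
    """Verifier's check, using only the public modulus n."""
    return pow(x, 2, n) == a % n
```

With the constructed primes p = 7 and q = 11 (n = 77), the residue 25 has the four roots 5, 16, 61 and 72, each of which squares back to 25 modulo 77.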
This author’s work performed at Sandia National Laboratories supported by the U. S. Department of Energy under contract no. DE-AC04-76DP00789.
Copyright information
© 1988 Springer-Verlag Berlin Heidelberg
Cite this paper
Simmons, G.J., Purdy, G.B. (1988). Zero-Knowledge Proofs of Identity and Veracity of Transaction Receipts. In: Barstow, D., et al. Advances in Cryptology — EUROCRYPT ’88. EUROCRYPT 1988. Lecture Notes in Computer Science, vol 330. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45961-8_4
DOI: https://doi.org/10.1007/3-540-45961-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-50251-7
Online ISBN: 978-3-540-45961-3