Abstract.
We analyze the security of an interactive identification scheme. The scheme is the obvious extension of the original square root scheme of Goldwasser, Micali, and Rackoff to 2 m th roots. This scheme is quite practical, especially in terms of storage and communication complexity. Although this scheme is certainly not new, its security was apparently not fully understood. We prove that this scheme is secure if factoring integers is hard, even against active attacks where the adversary is first allowed to pose as a verifier before attempting impersonation.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
Author information
Authors and Affiliations
Additional information
Received 29 July 1996 and revised 30 June 1998
Rights and permissions
About this article
Cite this article
Shoup, V. On the Security of a Practical Identification Scheme . J. Cryptology 12, 247–260 (1999). https://doi.org/10.1007/s001459900056
Published:
Issue Date:
DOI: https://doi.org/10.1007/s001459900056