Abstract
Most schemes for the verification of personal identity are logically flawed in that they require an individual to exhibit a piece of private, i.e., secret, infor- mation such as a computer access password, a telephone credit card number, a per- sonal identification number (PIN), etc., to prove his identity. The logical problem is that this information, once exhibited, is potentially compromised and. could be used by anyone to undetectably impersonate the legitimate owner. What is needed is a protocol that will allow an individual to “prove” that he knows the secret piece of information, whose possession is equated with his identity, without revealing anything about the information itself which could aid a would-be cheater to imper- sonate him. Several investigators have proposed identification schemes to accom- plish this [ 1 , 2 , 3 , 4 ] that depend on interactive-proof schemes, often referred to as zero-knowledge proofs or ping-pong protocols, in which the individual responds to a series of queries in a way that the legitimate user could, but which an impostor (probably) could not. We describe a simpler identity verification scheme which uses a public authentication channel to validate a private authentication channel belong- ing to the individual who wishes to prove his identity. The public and the private channels can be completely independent and can even be based on different authen- tication algorithms, or they can both be of the same type. This scheme also pro- vides certified receipts for transactions whose legitimacy can later be verified by impartial arbiters who were not involved in the transaction itself.
This work performed at Sandia National Laboratories supported by the U. S. Department of Energy under contract no. DE-AC04-76DP00789.
Chapter PDF
Similar content being viewed by others
Keywords
- Sandia National Laboratory
- Legitimate User
- Forward Search
- Propose Identification Scheme
- Legitimate Owner
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
A. Fiat and A. Shamir, “How to prove yourself: practical solutions to identification and signature problems,” Proceedings of Crypto-86, Santa Barbara, August 1986, pp. 1–13.
A. Shamir, “Identity-based cryptosystems and signature schemes,” Proceedings of Crypto’84, Santa Barbara, August 1984, pp. 47–53.
O. Goldreich, S. Hicali and A. Wigderson, “Proofs that yield nothing but the validity of the assertion and the methodology of cryptographic protocol design,” Submitted to 27th Symposium on Foundations of Computer Science, November 1986.
E. Okamoto, “Proposal for identity-based key distribution systems,” Electronics Letters, Vol. 22, No. 24 (Nov. 20, 1986), pp. 1283–1284.
G. J. Simmons and D. B. Holdridge, “Forward search as a cryptanalytic tool against a public key privacy channel,” Proceedings of the IEEE Computer Society 1982 Symposium on Security and Privacy, Oakland, CA, April 26–28, 1982, pp. 117–128.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1988 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Simmons, G.J. (1988). An Impersonation-Proof Identity Verification Scheme. In: Pomerance, C. (eds) Advances in Cryptology — CRYPTO ’87. CRYPTO 1987. Lecture Notes in Computer Science, vol 293. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48184-2_17
Download citation
DOI: https://doi.org/10.1007/3-540-48184-2_17
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-18796-7
Online ISBN: 978-3-540-48184-3
eBook Packages: Springer Book Archive