A 2-round Identification Scheme Secure against Concurrent Man-in-the-Middle Attacks

摘要

我々は高い効率と強い安全性で特徴付けられる離散対数ベースの認証スキームを与える．実際，対話証明の効率の良さを保ちつつ，それは2ラウンドのみの対話を必要とする．加えて，ギャップ計算Diffie-Hellman仮定へのタイトな帰着に基づき，かつランダムオラクル無しに，それは同時発生的中間者攻撃に対し安全である．我々のスキームはDiffie-Hellman鍵交換に類似のスキームを原型とする．この原型は，より強い仮定に基づき，二段階の同時発生的攻撃に対してのみ安全である．この原型にタグの手法を適用しワンタイム署名を組み入れることで，我々は上記の望ましいスキームを得る．%We give a discrete logarithm based identification scheme characterized by its high efficiency and strong security. In fact, keeping efficiency as an interactive proof, it needs only 2-round interaction. Moreover, based on tight reduction to the Gap Computational Diffie-Hellman Assumption, and without the random oracle, it is secure against concurrent man-in-the-middle attacks.Our scheme has a prototype scheme similar to half the operation of Diffie-Hellman Key-Exchange. The prototype is secure only against two-phase concurrent attacks based on stronger assumptions. Applying tag technique and employing a one-time signature in the prototype, we get the preferable scheme above.