Introduction
When a sender sends a message through an insecure channel to a receiver, there may be a possibility that an intruder can intercept the message, and the intruder may try to act as the sender and modifies the original message. To solve this problem, Identification Schemes were introduced. In an identification scheme, one party, P (the prover), attempts to convince another party, V (the verifier), of its identity through an interactive protocol. P has a secret key corresponding to its public key that enables it and no one else to convince the verifier of its identity.
In this blog, we will briefly discuss secure identification schemes in Cryptography.
Working of Identification Schemes
Let's say there is two-way communication between Alice (sender) and Bob (receiver).
A secure identification scheme's goal is to prevent someone from pretending to be Alice after "listening in" as Alice introduces herself to Bob, for example. At the very least, the attack model allows the adversary to monitor all the information being exchanged between Alice and Bob. To be able to pass for Alice is the adversarial objective. Furthermore, we could try to prevent Bob from trying to pass as Alice once she has introduced herself to him. Our ultimate goal is to create "zero-knowledge" schemes that allow Alice to electronically prove her identification without "revealing" the knowledge or even just a portion of the knowledge utilized as her identifying information.
Design of an Identification Scheme
Various efficient and secure identifying methods have been found. One goal is finding a straightforward plan to execute on a smart card, which is just a credit card with a chip that can perform arithmetic computations. It's crucial to remember that the "additional" protection only consists of someone watching the communication channel. Since the card is the one "proving" its identity, there is no additional security against loss. A PIN would still be required to prove that the person beginning the identifying scheme is the card's rightful owner.
Let’s take a look at the Secure Identification Scheme; the steps are as follows:-
-
Bob chooses a random challenge, denoted by rc, which he sends to Alice.
-
Alice computes bob’s response y = MACk(rc) and sends it back to Bob.
-
Now, Bob computes y1 = MACk(rc).
-
If y1 = y, then Bob will accept the message; otherwise, she rejects it.
The first observation is that every identifying scheme should include some form of randomization. In the model we presented above, the technique is insecure if the data Alice communicates to Bob to identify herself never changes. This is due to a replay attack, which allows anyone watching a protocol run, including Bob, to save and use the identifying information. Therefore, "random challenges" are typically a part of secure identification techniques.
84+ registered