Secret Handshakes From Pairing-Based Key Agreement
Thus, a secret handshake protocol offers data protection-friendly authentication and can be used whenever group members need to identify and communicate securely without being observed or recognized. Most previous work in secret handshake protocols has looked at two-part scenarios. In this article, we propose formal definitions of secret handshakes with several parts, and we develop a practical and proven multi-page secret handshake scheme, combining the secret protocol of Castelluccia et al., based on Schnorr signatures , with a group key memorandum of understanding between Burmese and Desmedt . Secret handshake (SH) schemes allow two members belonging to the same group to authenticate each other in such a way as to hide their belonging to that group from all others. The most naïve method is that member IDENTIFIERS are eliminated and members have a common group IDENTIFIER. However, if there is no member ID, you cannot disclose the handshake player ID in the event of a dispute. We thus insert an SH with request-based-revealing (SHRBR). In SHRBR schemes, GA can verify that handshake players belong to their own group, but do not only disclose member IDs. After a handshake player A executes a handshake protocol with B, if A wants to reveal a handshake partner (in this case B), A GA asks to reveal the IDENTIFIER of a handshake partner by producing its own identifier and secret information of A. We define the safety requirements for SHRBR systems and offer two specific SHRBR schemes, SHRBR-1 and SHRBR-2.
We highlight that the proposed SHRBR schemas meet the security requirements in the random oracle model. ACNS 2006: Applied Cryptography and Network Security pp. 325-339 | Cite as 情報学広場に掲載 ॅれているコンテ}ツには有料のものも含まれています. The resulting scheme achieves very strong data protection characteristics, but it is as effective as the authenticated (non-private) version of the Burmese Desmedt protocol [4, 6], but requires the provision of unique certificates for each member of the group. The document , which is accepted in EuroPKI2011, is the main version of this document. This work was done when the first author was a PhD student at the University of Tokyo. .