Identification Protocols

Indentification protocols are two-party interactive protocols between a prover and a verifier that allow the verifier to identify the prover as the legitimate owner of a public key. Identification protocols can be obtained from zero-knowledge proof systems for hard computational problems, and can be used to build digital signatures using the Fiat-Shamir heuristics.

  1. Statistical Zero-Knowledge Proofs with Efficient Provers: Lattice Problems and More
    (Micciancio & Vadhan - Crypto 2003)

  2. Tightly-Secure Signatures From Lossy Identification Schemes
    (Abdalla, Fouque, Lyubashevsky & Tibouchi - Eurocrypt 2012)

  3. Lattice-Based Identification Schemes Secure Under Active Attacks
    (Lyubashevsky - PKC 2008)

  4. Zero-Knowledge Protocols for NTRU: Application to Identification and Proof of Plaintext Knowledge
    (Xagawa & Tanaka - ProvSec 2009)

  5. Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
    (Kawachi, Tanaka & Xagawa - AsiaCrypt 2008)

  6. Improved Zero-Knowledge Identification with Lattices
    (Cayrel, Lindner, Ruckert & Silva - ProvSec 2010)

  7. Adaptively Secure Identity-Based Identification from Lattices without Random Oracles
    (Ruckert - SCN 2010)

  8. A lattice-based batch identification scheme
    (Silva, Cayrel & Lindner - ITW 2011)

  9. LWE-based identification schemes
    (Silva, Campello & Dahab - ITW 2011

  10. Improved Zero-knowledge Proofs of Knowledge for the ISIS Problem, and Applications
    (Ling, Nguyen, Stehle & Wang - PKC 2013)

  11. Efficient Zero-Knowledge Proofs for Commitments from Learning with Errors over Rings
    (Benhamouda, Krenn, Lyubashevsky & Pietrzak - ESORICS 2015)

  12. Better Zero-Knowledge Proofs for Lattice Encryption and Their Application to Group Signatures
    (Benhamouda, Camenisch, Krenn, Lyubashevsky & Neven - AsiaCrypt 2014)