Abstract
An authentication protocol is a procedure by which an informant tries to convey n bits of information, which we call an input message, to a recipient. An intruder, I, controls the network over which the informant and the recipient talk and may change any message before it reaches its destination. a If the protocol has security p, then the the recipient must detect this a cheating with probability at least 1 − p. This paper is devoted to characterizing the amount of secret information that the sender and receipient must share in a p-secure protocol. We provide a single-round authentication protocol which requires log(n) + 5 log(1/p) bits of secrecy. as well as a single-round protocol which requires log(n) + 2 1og(1/p) bits of secrecy based on non-constructive random codes. We prove a lower bound of log(n) +log(1/p) secret bits for single-round protocols.
We introduce authentication protocols with more than one round of communication (multi-round protocols) and present a k-round protocol which reduces the amount of secret information that the two parties need to log(k)(n) + 51og(1/p). When the number of rounds is log*(n), our protocol requires 2 log(1/p) + O(1) bits. Hence interaction helps when log(n) > log(1/p). We also show a lower bound of log(k)(n) on the number of shared random bits in a k-round protocol.
Part of this work was done while the author was with the IBM Almaden Research Center.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
N. Alon, J. Bruck, J. Naor, M. Naor, R. Roth, Construction of Asymptotically Good Low-Rate Error-Correcting Codes through Pseudo-Random Graphs, IEEE Transactions on Information Theory, Vol. 38, No. 2, March 1992
M. Blum, W. Evans, P. Gemmell, S. Kannan, M. Naor Checking the Correctness of Memories, Proc. 31st Symp. on Foundations of Computer Science, October 1990.
E. F. Brickell. A Few Results in Message Authentication Congressus Numerantium 43 (1984), 141–154.
E. Gilbert, F. J. MacWilliams, N. Sloane, Codes Which Detect Deception, The Bell System Technical Journal, Vol. 53, No. 3, March 1974
M. Jimbo, R. Fuji-hara. Optimal Authentication Systems and Combinatorial Designs, IEEE Transactions on Information Theory, vol. 36, no 1, January 1990, pp 54–62.
F. J. MacWilliams, N. Sloane. The Theory of Error Correcting Codes, North Holland, Amsterdam, 1977.
R. Roth. Personal Communication
G. Simmons, A Survey of Information Authentication, Proceedings of the IEEE, Vol. 76, No. 5, May 1988
D. Stinson. Universal Hashing and Authentication Codes. Advances in Cryptology: CRYPTO’ 91, pp 74–85.
D. Stinson. Combinatorial Characterizations of Authentication Codes. Advances in Cryptology: CRYPTO’ 91, pp 62–73.
D. Stinson. The Combinatorics of Authentication and Secrecy Codes. Journal of Cryptology, 1990, vol.2, (no.1):23–49.
D. Stinson. Some Constructions and Bounds for Authentication Codes. Journal of Cryptology, 1988, vol.1, 37–51.
D. Stinson. A Construction of Authentication/Secrecy Codes from Certain Combinatorial Designs Journal of Cryptology, 1988, vol.1, (no.2):119–127.
Wegman and Carter, New Hash functions and their use in authentication and set equality J. Computer and System Sci. 22, 1981, pp. 265–279.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gemmell, P., Naor, M. (1994). Codes for Interactive Authentication. In: Stinson, D.R. (eds) Advances in Cryptology — CRYPTO’ 93. CRYPTO 1993. Lecture Notes in Computer Science, vol 773. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48329-2_30
Download citation
DOI: https://doi.org/10.1007/3-540-48329-2_30
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57766-9
Online ISBN: 978-3-540-48329-8
eBook Packages: Springer Book Archive