Introduction, Scenario, and Related Work
Most cryptographic primitives for authentication schemes in the digital world are based on the knowledge of a private key or secret, for example digital signatures or zero-knowledge proofs. In many cases there is an (at least) implicit binding of the secret to a person. If you receive a signed mail, you assume it is signed by the regular owner of the private key; if you authenticate yourself with a zero-knowledge proof, you are expected not to give the secret to another person. On the other hand, one may not put too many trust into this assumption since this secrets are eventually digital data which can be copied without evidence. Two obvious situations come to one’s mind: On the one hand, cryptographic secrets are not very memorisable for human beings in general, so they are usually stored somewhere, where they could be stolen. On the other hand, the user may want to share his secret with somebody while the authorising organisation does not want him to do so.
Unable to display preview. Download preview PDF.