Resettability Problem Recall

What if the Verifier could execute the ID protocol repeatedly reseting the prover to use same randomness?

(e.g. Disconnect the power supply of prover implemented by a Smart Card.)

Observation: Proofs of Knowledge of a secret (by definition) can not be ZK/WI/WH if prover can be reset.

Extractor reset attack discovers the secret.

Thus: Identification Schemes based on POK-paradigm are insecure against reset attacks.

Diapositive prÈcÈdente

Diapositive suivante

Revenir ý la premiËre diapositive

Afficher la version graphique