This paper focuses on authentication with three types of entities: a user who sends an authentication request, a service provider who receives and verifies the request, and a database who supplies the service provider with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks and (2) the database cannot identify which user is authenticating. First, we show a protocol which satisfies Properties (2). Second, we show a protocol which satisfies Properties (1) and (2). A key idea of our authentication protocols is to use private information retrieval (PIR) [Chor et al. J. ACM, 1998].
|ジャーナル||Journal of Digital Information Management|
|出版ステータス||出版済み - 4月 2011|
!!!All Science Journal Classification (ASJC) codes