Three-Round Secret Handshakes Based on ElGamal and DSA

Abstract

Secret handshake, introduced recently by Balfanz et al, is a very useful cryptographic mechanism which allows two members of the same group to authenticate each other secretly. In a secret handshake protocol, an honest member in the group will never reveal his group affiliation unless the other party is a valid member of the same group. In other words, only the members who have certificates from the Group Administrator can be successful in handshaking. If a handshake between two parties fails, the identity of either party will not be disclosed. Several secret handshake schemes have been found in the literature, which are based on pairing, CA-Oblivious Encryption and RSA. Furthermore, several Oblivious Signature-Based Envelopes (OSBE) schemes based on the ElGamal signature family were introduced recently by Nasserian and Tsudik, and they proposed a generic construction of secret handshake from OSBE based on ElGamal signature family as well. It is shown in the generic construction that any ElGamal signature family based OSBE scheme can be converted to secret handshake within three communication rounds, except the ElGamal and DSA signature. In this paper, to complement the previous result, we show a three-round secret handshake scheme based on ElGamal signature. We prove that the scheme is existentially unforgeable in the Random Oracle Model (ROM). Finally we extend our scheme to a DSA-based secret handshake which also requires only three rounds.