Twin-Beth: Security under active and concurrent attacks for the beth identity-based identification scheme

Abstract

In 2004, Bellare et al. formalized the notion for identity-based identification (IBI) schemes and proposed many schemes based on their transformation from standard identification schemes. However the authors left the security under active/concurrent attacks of one of the pairing-free schemes, the Beth-IBI scheme, as an open problem. In 2008, Crescenzo provided the solution to this open problem with a small modification to the original Beth-IBI scheme. However, recently Chin et al. pointed out security flaws in Crescenzo's modified Beth-IBI scheme, resulting in total break of the scheme and leaving Bellare et al's open problem unanswered once more. In this paper, we provide a solution to the open problem, showing that with only some additional overhead to modify the original Beth-IBI scheme we can achieve security against active and concurrent attacks. Furthermore, our security guarantee results are superior to Crescenzo's attempt in that we rely only on the classical discrete-logarithm assumption for our active and concurrent security proof, which is a weaker assumption than Crescenzo's one-more counterpart.