Disclaimer: This page refers to an external person. It only lists all the interactions between this person and the Crypto Group. Validity or accuracy of the following information is thus not guaranteed in any way.
Seminars given
November 23, 2005  On the security proof of the GQ2 authentication scheme
by Sophie Boutiton
Abstract:  This presentation deals with the security proof of the GQ2 authentication scheme. The three properties of completeness, soundness and zeroknowledge must be verified as for each secure 3pass zeroknowledge protocol.
In particular, we study the soundness property that reveals the security threshold of the scheme. We determine sufficient conditions to ensure that convincing the verifier with a probability higher than the security threshold in a nonnegligible way, induces the knowledge of modulus factorization.
First, we verify that this security threshold is underestimated by $1/2^{km}$, where $k$ is the security parameter and $m$ the number of basic numbers. Then, the generalization of the forking lemma permits to characterize the security threshold by the probability to produce keypairs that reveal modulus factorization. The optimal security conditions of the GQ2 protocol are linked to the security threshold that is equal to $1/2^{km}$.
Application: in the case of two factors congruent to 3 modulo 4, we prove that the security threshold is $1/2$. Then, we generalize the argument to any factors using a graphical representation of the square function graph on the factors groups. In some particular cases validated by simulations, we deduce an optimal security threshold of $1/2^b$ where $b$ denotes an adaptative parameter.
