This paper introduces ID-based secret-key cryptography, in which secret keys are privately and uniquely binded to an identity. This enables to extend public-key cryptography features at the high throughput rate of secret-key cryptography. As applications, e#cient login protocols, an enhanced version of Kerberos, and an ID-based MAC algorithm are presented.

While the classical attack of “monitor the network and intercept the password” can be avoided by advanced protocols like SSH, one-time passwords are still considered a viable alternative or a supplement for software authentication since they are the only ones that safeguard against attacks on insecure client machines. In this paper by using public-key techniques we present a method called signature chain alternative to Lamport’s hash chain to improve security and flexibility of one-time passwords. Our proposition improves the security because first, like other public-key authentication protocols, the server and the user do not share a secret, thereby eliminating attacks on the server side. Second, from any incorrectly revealed one-time password, unspent passwords cannot be calculated if a signature chain is preferred. Having an infinite length, the chain in our proposition is more flexible and facilitates using the protocol without the complexity of restarting. On the other hand, the disadvantage of signature chain is the longer verification time with respect to hash chain based approaches.

I hereby declare that all information in this document has been obtained and presented in accordance with academic rules and ethical conduct. I also declare that, as required by these rules and conduct, I have fully cited and referenced all material and results that are not original to this work.

The aim of this paper is to present a signature scheme in which the ability to sign messages of a signer is limited to a fixed number k of signatures. It is an identity-based signature schemein whicheach signature canbe usedonly once. We called suchschemes "bounded life-span". It is based on mental games and it uses zero-knowledge tools. A validation center is needed to initialize this identity-based scheme. A credential center is used to insure the unicity and the bounded life-span aspects. It allows delegation and numerous practical applications. 1 Introduction There are a lot of situations where the receiver of a message needs assurances concerning its non-alteration (accidental or voluntary), i.e. the authenticity (integrity) of the message and of its origin. The sender must be able to "sign" a message in such a way that any alteration of the message will be immediately revealed by the "signature". Furthermore, if the signature cannot be forged then this will also authentic...

This paper considers the problem of efficiently generating a sequence of secrets with the special property that the knowledge of one or several secrets does not help an adversary to find the other ones. This is