Add solution for 5j

2022-06-21 17:37:40 +02:00 · 2022-06-21 17:37:40 +02:00 · 93fc6d5b3b
commit 93fc6d5b3b
parent 22f0ec4edd
1 changed files with 12 additions and 1 deletions
--- a/exam/ex.tex
+++ b/exam/ex.tex
@ -319,7 +319,18 @@
    and simulated transcripts are the same. A given valid transcript occurs with
    probability $1/2^{130}$.

-    \item \TODO
+    \item $\mathsf{ID}_{CGI2}$ can be used for authentication if a client
+      (prover) proves to a server (verifier) the possession of a password
+      without actually revealing it. The client shares a commitment with the
+      server and as soon as the client wants to log-in, it receives a challenge
+      from the server. If the client can successfully pass the challenge (i.e.,
+      the response from the client is equal to the commitment), it is
+      authenticated with the server.
+
+      The advantage of such a scheme over conventional password-based
+      authentication is that the secret is never transmitted to anyone.
+      Futhermore, the commitment is also not vulnerable to dictionary attacks,
+      as is common with stored password hashes on the server's side.

    \item \TODO