Distributed user identification by zero-knowledge access rights proving

Josep Domingo-Ferrer

    Research output: Contribution to journalArticleResearchpeer-review

    1 Citation (Scopus)


    A scheme for identifying the rights of users to access files in a computer network with many servers is presented. Users are granted rights by an authority, and servers need only a certified list of available access rights in order to perform access control. A server stores no information about the users, neither access matrix nor passwords-user portability-, which enables the authority to perform user registration, rights granting and rights revocation independently of servers; moreover, the latter two are public operations in the clear. The number of rights shared by more than one user throughout the network is a lower bound for the number of secret pieces held by each user, but his unshared rights can be increased indefinitely without changing or increasing his secret information. Rights possession proofs are zero-knowledge and simultaneous. © 1991.
    Original languageEnglish
    Pages (from-to)235-239
    JournalInformation Processing Letters
    Issue number5
    Publication statusPublished - 13 Dec 1991


    • access control
    • computer security
    • Distributed identification
    • distributed systems
    • zero-knowledge proofs


    Dive into the research topics of 'Distributed user identification by zero-knowledge access rights proving'. Together they form a unique fingerprint.

    Cite this