Abstract

The invention is related to a method allowing a prover holding a secret key (x) to prove its identity to a verifier and to prove to this verifier that he is within a predetermined distance of this verifier, said method comprising an initialization phase during which: the prover picks a first nonce (Np) and communicates this first nonce to the verifier; the verifier picks a first random vector (a), a leak function (Lμ), and a second nonce (Nv); the verifier uses said leak function (Lμ) to compute a modified secret (x′) depending on the leak (Lμ(x)) of said secret; the verifier transmits to said prover said leak function and said second nonce; the prover retrieves said first random vector and said modified secret, wherein said first random vector and said modified secret are used by said prover for computing responses (ri) to challenges (ci).

Details

Actions