There are several variants of the Fiat–Shamir identification protocol. One way to classify these is based on the number of secrets. In the basic one [4] each prover knows only one secret. Another is to distinguish between identity based and public key based ones. In both, a trusted center made public \(n=p\cdot q\) such that p and q are secret a prime numbers only known to the center.
In the identity based system [3, p. 152] (see also [2, 4, 5]) a trusted center gives each user a secret key, partially based on biometrics. In particular, to receive an identity from the trusted center, Alice goes to the center. There her fingerprints and, other biometrics information is collected and her identity verified. I is the string which contains: Alice's identity (name), Alice's biometrics, and other information to identify Alice uniquely. The center chooses k small \(j_< i>, 1\leq i\leq k,\) such that \(x_i:=f (I,j_< i>)\) are quadratic residues modulo n, where fis a public.
