Provable security and fairness in cryptographic identification and signature schemes / Sécurité prouvée et équité dans les schémas cryptographiques d'identification et de signature

Identification schemes are public-key cryptographic primitives that allow an entity (called the prover) to prove his or her identity to another entity. An identification scheme is secure if no attacker can impersonate the prover. Digital signature schemes allow an entity to produce a signature on a message; given the message and the signature, another entity can check the identity of the signer and verify that the message was not modified. A secure digital signature scheme is such that an attacker can not produce a forgery, i.e. a false signature. There has been a lot of work aiming at establishing, in a provable manner, the security of such schemes. Given a cryptographic scheme and a security property, one should be able to demonstrate whether the scheme satisfies it or not. The approach is usually the following: when the security property is not satisfied, show it with an efficient attack; when it is satisfied, use a security proof. But even when they are provably secure, cryptographic schemes can be attacked: it can be at the implementation level, or because of a flaw in the proof. The goal of this thesis is to apply these approaches to study the security of several public-key cryptographic schemes. We study the GPS identification scheme and show how some implementations can be broken by an efficient attack. We show how to securely sign long messages with RSA. We break a fair exchange signature scheme based on GPS and RSA. We consider a new problem called fair identification and propose a fair identification scheme.