A Note on the Cramer-Damgard Identification Scheme

In light of the recent work of Micali and Reyzin on showing the subtleties and complexities of the soundness notions of zero-knowledge (ZK) protocols when the verifier has his public-key, we re-investigate the Cramer-Damgård intended-verifier identification scheme and show two man-in-the-middle attacks in some reasonable settings: one simple replaying attack and one ingenious interleaving attack. Our attacks are independent of the underlying hardness assumptions assumed.