ANONYMOUS BUT AUTHORIZED TRANSACTIONS SUPPORTING SELECTIVE TRACEABILITY

Daniel Slamanig, Stefan Rass

Abstract

While privacy was more or less neglected in the early days of the Internet, in recent years it has emerged to be a hot topic in computer security research. Among other reasons, since the use of the Internet is becoming more and more ubiquitous, cloud computing emerges and consequently users provide a lot of information to potentially untrusted third parties. In this paper we propose an approach which provides a means for users to anonymously conduct transactions with a service-provider such that those transactions can neither be linked to a specific user nor linked together. At the same time, a service-provider can be sure that only authorized users are able to conduct transactions. In particular, we bring together the concepts of anonymous authentication from public-key encryption and anonymous as well as unlinkable token based transactions in order to profit from the advantages of the two single approaches. Since full anonymity is usually not desirable, we provide mechanism to identify misbehaving anonymous users behind transactions. More precisely, we realize selective traceability, which allows revocation of the anonymity of a suspicious users along with the identification of all of her transactions, without violating the privacy of all remaining users.

References

  1. Abe, M. and Fujisaki, E. (1996). How to Date Blind Signatures. In ASIACRYPT 7896, volume 1163 of LNCS, pages 244-251. Springer.
  2. Abe, M. and Okamoto, T. (2000). Provably Secure Partially Blind Signatures. In CRYPTO 7800, volume 1880 of LNCS, pages 271-286. Springer.
  3. Ateniese, G., Camenisch, J., Joye, M., and Tsudik, G. (2000). A Practical and Provably Secure CoalitionResistant Group Signature Scheme. In CRYPTO 7800, volume 1880 of LNCS, pages 255-270. Springer.
  4. Bellare, M., Boldyreva, A., and O'Neill, A. (2007). Deterministic and Efficiently Searchable Encryption. In CRYPTO 2007, volume 4622 of LNCS, pages 535- 552. Springer.
  5. Bellare, M., Namprempre, C., Pointcheval, D., and Semanko, M. (2003). The one-more-RSA-inversion problems and the security of chaum's blind signature scheme. J. Cryptology, 16(3):185-215.
  6. Blanton, M. (2008). Online Subscriptions with Anonymous Access. In ASIACCS 2008, pages 217-227. ACM.
  7. Boldyreva, A. (2003). Threshold Signatures, Multisignatures and Blind Signatures Based on the Gap-DiffieHellman-Group Signature Scheme. In PKC 2003, volume 2567 of LNCS, pages 31-46. Springer.
  8. Boneh, D., Lynn, B., and Shacham, H. (2004). Short Signatures from the Weil Pairing. Journal of Cryptology, 17(4):297-319.
  9. Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., and Meyerovich, M. (2006). How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication. In CCS 7806, pages 201-210. ACM.
  10. Camenisch, J. and Lysyanskaya, A. (2001). An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In EUROCRYPT 7801, volume 2045 of LNCS, pages 93-118. Springer.
  11. Camenisch, J. and Lysyanskaya, A. (2002). A Signature Scheme with Efficient Protocols. In SCN' 02, volume 2576 of LNCS, pages 268-289. Springer.
  12. Camenisch, J. and Lysyanskaya, A. (2004). Signature schemes and anonymous credentials from bilinear maps. In CRYPTO 2004, volume 3152 of LNCS, pages 56-72. Springer.
  13. Canard, S., Gouget, A., and Hufschmitt, E. (2006). A Handy Multi-coupon System. In ACNS 2006, volume 3989 of LNCS, pages 66-81. Springer.
  14. Chaum, D. (1982). Blind Signatures for Untraceable Payments. In CRYPTO'82, pages 199-203. Plemum Press.
  15. Chaum, D. (1985). Security without identification: transaction systems to make big brother obsolete. Commun. ACM, 28(10):1030-1044.
  16. Chen, L., Escalante, A. N., L öhr, H., Manulis, M., and Sadeghi, A.-R. (2007). A Privacy-Protecting MultiCoupon Scheme with Stronger Protection Against Splitting. In FC 2007, volume 4886 of LNCS, pages 29-44. Springer.
  17. ElGamal, T. (1984). A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In CRYPTO 7884, volume 196 of LNCS, pages 10-18. Springer.
  18. Kiayias, A., Tsiounis, Y., and Yung, M. (2004). Traceable Signatures. In EUROCRYPT 7804, volume 3027 of LNCS, pages 571-589. Springer.
  19. Libert, B. and Yung, M. (2009). Efficient Traceable Signatures in the Standard Model. In Pairing 2009, volume 5671 of LNCS, pages 187-205. Springer.
  20. Lindell, Y. (2007). Anonymous Authentication - Preserving Your Privacy Online. Black Hat 2007.
  21. Lysyanskaya, A., Rivest, R. L., Sahai, A., and Wolf, S. (2000). Pseudonym Systems. In SAC 7800, volume 1758 of LNCS, pages 184-199. Springer.
  22. Rivest, R. L., Shamir, A., and Tauman, Y. (2001). How to Leak a Secret. In ASIACRYPT 7801, volume 2248 of LNCS, pages 552-565. Springer.
  23. Schechter, S., Parnell, T., and Hartemink, A. (1999). Anonymous Authentication of Membership in Dynamic Groups. In FC 1999, volume 1648 of LNCS, pages 184-195. Springer.
  24. Slamanig, D., Schartner, P., and Stingl, C. (2009). Practical Traceable Anonymous Identification. In SECRYPT 2009, pages 225-232. INSTICC Press.
  25. Stubblebine, S. G., Syverson, P. F., and Goldschlag, D. M. (1999). Unlinkable Serial Transactions: Protocols and Applications. ACM Trans. Inf. Syst. Secur., 2(4):354- 389.
  26. Verheul, E. R. (2001). Self-Blindable Credential Certificates from the Weil Pairing. In ASIACRYPT 7801, volume 2248 of LNCS, pages 533-551. Springer.
  27. Xi, Y., Sha, K., Shi, W., Schwiebert, L., and Zhang, T. (2008). Probabilistic Adaptive Anonymous Authentication in Vehicular Networks. J. Comput. Sci. Technol., 23(6):916-928.
Download


Paper Citation


in Harvard Style

Slamanig D. and Rass S. (2010). ANONYMOUS BUT AUTHORIZED TRANSACTIONS SUPPORTING SELECTIVE TRACEABILITY . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 132-141. DOI: 10.5220/0002994501320141


in Bibtex Style

@conference{secrypt10,
author={Daniel Slamanig and Stefan Rass},
title={ANONYMOUS BUT AUTHORIZED TRANSACTIONS SUPPORTING SELECTIVE TRACEABILITY},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={132-141},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002994501320141},
isbn={978-989-8425-18-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - ANONYMOUS BUT AUTHORIZED TRANSACTIONS SUPPORTING SELECTIVE TRACEABILITY
SN - 978-989-8425-18-8
AU - Slamanig D.
AU - Rass S.
PY - 2010
SP - 132
EP - 141
DO - 10.5220/0002994501320141