PRACTICAL ANONYMOUS AUTHENTICATION - Designing Anonymous Authentication for Everyday Use

Jan Hajny, Lukas Malina, Vaclav Zeman

Abstract

We use authentication services many times a day. Without user authentication, it would be impossible to use e-mail accounts, discussion boards, e-banking or even electronic communication. On the other hand, we release a lot of personal information during every authentication process. Our login can be linked to used services and assets by service providers. The frequency of usage and therefore the map of our behaviour on the Internet can be created to make more focused advertisement, to track us or even to steal our electronic identity. The goal of this paper is to state the requirements and provide the initial design for an anonymous authentication scheme which prevents the leakage of private information. The new scheme, to be widely acceptable, must be beneficial for both users and service providers, who implement the authentication systems. Therefore we claim that the new authentication system must provide a feature for revealing dishonest users. These users can be eventually deanonymized and charged for damages. We provide such a responsibility-protecting feature in our scheme. We also compare our scheme design with current anonymous authentication schemes and provide initial performance results from our smart-card implementation.

References

  1. Bao, F. (2000). An efficient verifiable encryption scheme for encryption of discrete logarithms. In Schneier, B. and Quisquater, J.-J., editors, Smart Card. Research and Applications, volume 1820 of Lecture Notes in Computer Science, pages 213-220. Springer.
  2. Bichsel, P., Camenisch, J., GroƟ, T., and Shoup, V. (2009). Anonymous credentials on a standard java card. In Proceedings of the 16th ACM conference on Computer and communications security, CCS 7809, pages 600-610, New York, NY, USA. ACM.
  3. Camenisch, J. and Lysyanskaya, A. (2003). A signature scheme with efficient protocols. In Proceedings of the 3rd international conference on Security in communication networks, SCN'02, pages 268-289, Berlin, Heidelberg. Springer-Verlag.
  4. Camenisch, J. and Stadler, M. (1997). Proof systems for general statements about discrete logarithms. Technical report.
  5. Camenisch, J. and Van Herreweghen, E. (2002). Design and implementation of the idemix anonymous credential system. In Proceedings of the 9th ACM conference on Computer and communications security, CCS 7802, pages 21-30, New York, NY, USA. ACM.
  6. Dingledine, R., Mathewson, N., and Syverson, P. (2004). Tor: The second-generation onion router. In In Proceedings of the 13 th Usenix Security Symposium.
  7. Lysyanskaya, A. (2001). An efficient system for nontransferable anonymous credentials with optional anonymity revocation. pages 93-118. Springer.
  8. Schaffer, M. and Schartner, P. (2006). Anonymous authentication with optional shared anonymity revocation and linkability. In Smart Card Research and Advanced Applications, volume 3928 of Lecture Notes in Computer Science, pages 206-221. Springer Berlin / Heidelberg.
  9. Schnorr, C. P. (1991). Efficient signature generation by smart cards. Journal of Cryptology, 4:161-174.
Download


Paper Citation


in Harvard Style

Hajny J., Malina L. and Zeman V. (2011). PRACTICAL ANONYMOUS AUTHENTICATION - Designing Anonymous Authentication for Everyday Use . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011) ISBN 978-989-8425-71-3, pages 405-408. DOI: 10.5220/0003576404050408


in Bibtex Style

@conference{secrypt11,
author={Jan Hajny and Lukas Malina and Vaclav Zeman},
title={PRACTICAL ANONYMOUS AUTHENTICATION - Designing Anonymous Authentication for Everyday Use},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)},
year={2011},
pages={405-408},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003576404050408},
isbn={978-989-8425-71-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)
TI - PRACTICAL ANONYMOUS AUTHENTICATION - Designing Anonymous Authentication for Everyday Use
SN - 978-989-8425-71-3
AU - Hajny J.
AU - Malina L.
AU - Zeman V.
PY - 2011
SP - 405
EP - 408
DO - 10.5220/0003576404050408