skip to main content
10.1145/2295136.2295166acmconferencesArticle/Chapter ViewAbstractPublication PagessacmatConference Proceedingsconference-collections
research-article

A calculus for privacy-friendly authentication

Authors Info & Claims
Published:20 June 2012Publication History

ABSTRACT

Establishing authentic channels has become a common operation on the Internet and electronic commerce would not be possible without it. Because traditionally authentication is based on identifying users, the success of electronic commerce causes rapid erosion of their privacy. Privacy-friendly authentication, such as group signatures or anonymous credential systems, could mitigate this issue minimizing the information released during an authentication operation. Unfortunately, privacy-friendly authentication systems are not yet deployed. One reason is their sophistication and feature richness, which is complicating their understanding. By providing a calculus for analyzing and comparing the requirements and goals of privacy-friendly authentication systems, we contribute to a better understanding of such technologies. Our calculus extends the one by Maurer and Schmid [18], by introducing: (1) pseudonyms to enable pseudonymous authentication, (2) a pseudonym annotation function denoting the information an entity reveals about itself, and (3) event-based channel conditions to model conditional release of information used for privacy-friendly accountability.

References

  1. G. Ateniese. Efficient verifiable encryption (and fair exchange) of digital signatures. Proc. 6th ACM CCS, p.138--146. Nov. 1999. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. M. Backes, J. Camenisch, and D. Sommer. Anonymous yet accountable access control. Proceedings of ACM WPES 2005, November 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. M. Backes, M. Maffei, and D. Unruh. Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. IEEE Symposium on Security and Privacy, p. 202--215, 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. P. Bichsel, J. Camenisch, G. Neven, N. P. Smart, and B. Warinschi. Get shorty via group signatures without encryption. SCN '10, v.6280 of LNCS, p. 381--398. Sept. 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. D. Boneh, X. Boyen, and H. Shacham. Short group signatures. CRYPTO '04, v. 3152 of LNCS, p. 41--55. 2004.Google ScholarGoogle ScholarCross RefCross Ref
  6. S. Brands. Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. S. Brands and C. Paquin. U-prove cryptographic specification v1.0, Mar. 2010.Google ScholarGoogle Scholar
  8. J. Camenisch and A. Lysyanskaya. Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. EUROCRYPT '01, v. 2045 of LNCS, p. 93--118. 2001. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. J. Camenisch, S. Mödersheim, G. Neven, F.-S. Preiss, and D. Sommer. A card requirements language enabling privacy-preserving access control. Proceedings of SACMAT 2010, p. 119--128, 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. J. Camenisch, S. Mödersheim, and D. Sommer. A formal model of identity mixer. FMICS 2010, LNCS. 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. J. Camenisch and V. Shoup. Practical verifiable encryption and decryption of discrete logarithms. CRYPTO '03, v. 2729 of LNCS, p. 126--144, 2003.Google ScholarGoogle ScholarCross RefCross Ref
  12. D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Comm. of the ACM, 24(2):84--88, Feb. 1981. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. D. Chaum and E. van Heyst. Group signatures. EUROCRYPT '91, v. 547 of LNCS, p. 257--265. 1991. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008.Google ScholarGoogle Scholar
  15. B. Ives, K. R. Walsh, and H. Schneider. The domino effect of password reuse. Comm. of the ACM, 47:75--78, Apr. 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. U. Maurer. Constructive cryptography - a new paradigm for security definitions and proofs. Theory of Security and Applications (TOSCA 2011), v. 6993 of LNCS, p. 33--56. Apr. 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. U. Maurer, A. Rüedlinger, and B. Tackmann. Confidentiality and integrity: A constructive perspective. Theory of Cryptography - TCC 2012, LNCS. 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. U. Maurer and P. Schmid. A calculus for security bootstrapping in distributed systems. Journal of Computer Security, 4(1):55--80, 1996.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. U. M. Maurer and P. E. Schmid. A calculus for secure channel establishment in open networks. ESORICS '94, v. 875 of LNCS, p. 173--192. Nov. 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. S. Mödersheim and L. Viganò. Secure pseudonymous channels. Proceedings of Esorics'09, number 5789 in LNCS, p. 337--354. 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Security Team, IBM Research Zurich. Specification of the identity mixer cryptographic library. IBM Research Report RZ 3730, IBM Research Division, Apr. 2010.Google ScholarGoogle Scholar
  22. D. Sommer. Architecture. Digital Privacy: PRIME - Privacy and Identity Management for Europe, LNCS Volume 6545. 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. J. Yan, A. Blackwell, R. Anderson, and A. Grant. Password memorability and security: Empirical results. IEEE Security and Privacy, 2:25--31, Sept. 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library

Recommendations

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Sign in
  • Published in

    cover image ACM Conferences
    SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies
    June 2012
    242 pages
    ISBN:9781450312950
    DOI:10.1145/2295136

    Copyright © 2012 ACM

    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    • Published: 20 June 2012

    Permissions

    Request permissions about this article.

    Request Permissions

    Check for updates

    Qualifiers

    • research-article

    Acceptance Rates

    SACMAT '12 Paper Acceptance Rate19of73submissions,26%Overall Acceptance Rate177of597submissions,30%

    Upcoming Conference

    SACMAT 2024
  • Article Metrics

    • Downloads (Last 12 months)3
    • Downloads (Last 6 weeks)0

    Other Metrics

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader