Abstract
This paper focus on two security services for internet applications: authorization and anonymity. Traditional authorization solutions are not very helpful for many of the Internet applications; however, attribute certificates proposed by ITU-T seems to be well suited and provide adequate solution. On the other hand, special attention is paid to the fact that many of the operations and transactions that are part of Internet applications can be easily recorded and collected. Consequently, anonymity has become a desirable feature to be added in many cases. In this work we propose a solution to enhance the X.509 attribute certificate in such a way that it becomes a conditionally anonymous attribute certificate. Moreover, we present a protocol to obtain such certificates in a way that respects users’ anonymity by using a fair blind signature scheme. We also show how to use such certificates and describe a few cases where problems could arise, identifying some open problems.
This work has been partially supported by the Spanish Ministry of Science and Technology under the Project TIC2002-04500-C02-02
Chapter PDF
Similar content being viewed by others
References
Benaloh, J., Tuinstra, D.: Receipt free secret-ballot elections. In: Proc. of 26th Symp. on Theory of Computing (STOC 1994), New York, pp. 544–553 (1994)
Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: Proc. of 9th ACM Conference on Computer and Communications Security (CCS), Washington D.C, November 2002, ACM/Academic Press (2002)
Camenisch, J., Lysyanskaya, A.: Efficient non-transferable anonymous multishow credential system with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–88 (1981)
Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R., Sherman, A. (eds.) Advances in Cryptology–Crypto 1982, Santa Barbara, CA, USA, August 1983, pp. 199–203. Plenum Press, New York (1982)
Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Chaum, D., Evertse, J.H.: A secure and privacy-protecting protocol for transmitting personal information between organizations. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 118–170. Springer, Heidelberg (1987)
Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash (extended abstract). In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)
Chen, L.: Access with pseudonyms. In: Dawson, E.P., Golić, J.D. (eds.) Cryptography: Policy and Algorithms 1995. LNCS, vol. 1029, pp. 232–243. Springer, Heidelberg (1996)
Cranor, L., Cytron, R.: Sensus: A security-conscious electronic polling system for the internet. In: Proceedings of the Hawaii International Conference on System Sciences, Wailea, Hawaii (1997)
Fan, C.-I., Lei, C.-L.: A user efficient fair blind signature scheme for untraceable electronic cash. Information Science and Engineering 18(1), 47–58 (2002)
Fujioka, S., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993)
ITU-T Recommendation X.509. Information technology - open systems interconnection - the directory: Authentication framework (June 1997)
ITU-T Recommendation X.509. Information technology - open systems interconnection - the directory: Public-key and attribute certificate frameworks (March 2000)
Lysyanskaya, A.: Pseudonym systems. Master’s thesis, Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science (June 1999)
Lysyanskaya. A: Signature Schemes and Applications to Cryptographic Protocol Design. PhD thesis, Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science (September 2002)
Farrel, S., Housley, R.: An Internet attribute certificates profile for authorization. Request for Comments 3281. Nework Working Group. Internet Engineering Task Force (April 2002)
Stadler, M.A., Piveteau, J.M., Camenisch, J.L.: Fair blind signatures. In: Guillou, L.C., Quisquater, J.J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 209–219. Springer, Heidelberg (1995)
von Solms, S., Naccache, D.: On blind signatures and perfect crimes. Computers & Security 11, 581–583 (1992)
Zhou, J.: Achieving fair nonrepudiation in electronic transactions. Journal of Organizational Computing and Electronic Commerce 11(4), 253–267 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Benjumea, V., Lopez, J., Montenegro, J.A., Troya, J.M. (2004). A First Approach to Provide Anonymity in Attribute Certificates. In: Bao, F., Deng, R., Zhou, J. (eds) Public Key Cryptography – PKC 2004. PKC 2004. Lecture Notes in Computer Science, vol 2947. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24632-9_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-24632-9_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21018-4
Online ISBN: 978-3-540-24632-9
eBook Packages: Springer Book Archive