Skip to main content
SpringerLink
Log in
Book cover

European Public Key Infrastructure Workshop

EuroPKI 2012: Public Key Infrastructures, Services and Applications pp 112–127Cite as

Anonymity Revocation through Standard Infrastructures

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7868))

Abstract

Anonymity in information systems has been a very active field of study in recent years. Indeed, it provides fundamental improvements in privacy by protecting users’ identities. However, it also serves as a shield for malicious parties, since it makes tracing users difficult. Many anonymous signature schemes and systems have been proposed to overcome this problem through the incorporation of some kind of credential revocation. However, these revocation functions have been proposed at a theoretical level or, at the most, as part of highly customized systems. Moreover, another critical requirement for any practical information system is usability, which calls for the standardization of the underlying primitives. In the context of the distribution and management of digital identities the most widely known standard is X.509 Public Key Infrastructure (PKI). Several proposals have been made to extend X.509 certificates to support anonymous signature schemes. However, further work is required in order to succcessfully implement revocation functionalities in such environments. Since in X.509 the procedures for identity revocation mainly rely on either Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP), we propose a set of extensions for both revocation standards in order to incorporate support for anonymous signature schemes. With these extensions, we achieve revocation functionality similar to that for current PKIs.

This work was supported by the UAM projects of Teaching Innovation and the Spanish Government projects TIN2010-19607 and MICINN BFU 2009-08473. The work of David Arroyo was supported by a Juan de la Cierva fellowship from the Ministerio de Ciencia e Innovación of Spain.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  2. Au, M.H., Tsang, P.P., Kapadia, A.: Perea: Practical ttp-free revocation of repeatedly misbehaving anonymous users. ACM Trans. Inf. Syst. Secur. 14(4), 29 (2011)

    Article  Google Scholar 

  3. Benjumea, V., Choi, S.G., Lopez, J., Yung, M.: Anonymity 2.0 – X.509 extensions supporting privacy-friendly authentication. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 265–281. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Benjumea, V., Choi, S.G., Lopez, J., Yung, M.: Fair traceable multi-group signatures. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 231–246. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  5. Camenisch, J., Krontiris, I., Lehmann, A., Neven, G., Paquin, C., Rannenberg, K., Zwingelberg, H.: D2.1 architecture for attribute-based credential technologies - version 1 (2011), https://abc4trust.eu/index.php/pub/results/107-d21architecturev1

  6. Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Camenisch, J., Michels, M.: Separability and efficiency for generic group signature schemes (extended abstract). In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 413–430. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  8. Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups (extended abstract). In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  9. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–88 (1981)

    Article  Google Scholar 

  10. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  11. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: RFC 5280: Internet x.509 public key infrastructure certificate and certificate revocation list (CRL) profile (2008)

    Google Scholar 

  12. Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a type iii anonymous remailer protocol. In: IEEE Symposium on Security and Privacy, pp. 2–15 (2003)

    Google Scholar 

  13. Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The second-generation onion router. In: USENIX Security Symposium, pp. 303–320 (2004)

    Google Scholar 

  14. ISO/IEC: ISO/IEC CD 20008-1.2: Information technology - security techniques - anonymous digital signatures - part 1: General (2012)

    Google Scholar 

  15. ISO/IEC: ISO/IEC CD 20008-2.2: Information technology - security techniques - anonymous digital signatures - part 2: Mechanisms using a group public key (2012)

    Google Scholar 

  16. ISO/IEC: ISO/IEC CD 20009-1.2 draft: Information technology - security techniques - anonymous entity authentication - part 1: General (2012)

    Google Scholar 

  17. ISO/IEC: ISO/IEC CD 20009-2.2 draft: Information technology - security techniques - anonymous entity authentication - part 2: Mechanisms based on signatures using a group public key (2012)

    Google Scholar 

  18. Kiayias, A., Tsiounis, Y., Yung, M.: Traceable signatures. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 571–589. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 253–269. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  20. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: RFC 2560: X.509 internet public key infrastructure online certificate status protocol - OCSP (1999)

    Google Scholar 

  21. Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity - A proposal for terminology. In: Federrath, H. (ed.) Anonymity 2000. LNCS, vol. 2009, pp. 1–9. Springer, Heidelberg (2001)

    Google Scholar 

  22. Reiter, M.K., Rubin, A.D.: Crowds: Anonymity for web transactions. ACM Trans. Inf. Syst. Secur. 1(1), 66–92 (1998)

    Article  Google Scholar 

  23. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  24. Shields, C., Levine, B.N.: A protocol for anonymous communication over the internet. In: ACM Conference on Computer and Communications Security, pp. 33–42 (2000)

    Google Scholar 

  25. Teranishi, I., Furukawa, J., Sako, K.: k-times anonymous authentication (extended abstract). In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  26. Tsang, P.P., Kapadia, A., Cornelius, C., Smith, S.W.: Nymble: Blocking misbehaving users in anonymizing networks. IEEE Trans. Dependable Sec. Comput. 8(2), 256–269 (2011)

    Article  Google Scholar 

  27. X.509, I.T.R.: Information technology – open systems interconnection – the directory: Public-key and attribute certificate frameworks. Tech. rep. (November 2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Grupo de Neurocomputacion Biologica, Departamento de Ingenieria Informatica, Escuela Politecnica Superior, Universidad Autonoma de Madrid, Spain

    Jesus Diaz, David Arroyo & Francisco B. Rodriguez

Authors
  1. Jesus Diaz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Arroyo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Francisco B. Rodriguez
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento de Informatica, Universita’ degli Studi de Milano, 26013, Crema, CR, Italy

    Sabrina De Capitani di Vimercati

  2. University of London, Royal Holloway, Egham, TW20 0EX, Surrey, UK

    Chris Mitchell

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Diaz, J., Arroyo, D., Rodriguez, F.B. (2013). Anonymity Revocation through Standard Infrastructures. In: De Capitani di Vimercati, S., Mitchell, C. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2012. Lecture Notes in Computer Science, vol 7868. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40012-4_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40012-4_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40011-7

  • Online ISBN: 978-3-642-40012-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation