Abstract
We present a semantic extension to X.509 certificates that allows incorporating new anonymity signature schemes into the X.509 framework. This fact entails advantages to both components. On the one hand, anonymous signature schemes benefit from all the protocols and infrastructure that the X.509 framework provides. On the other hand, the X.509 framework incorporates anonymity as a very interesting new feature. This semantic extension is part of a system that provides user’s controlled anonymous authorization under the X.509 framework. Additionally, the proposal directly fits the much active Identity 2.0 effort, where anonymity is a major supplementary feature that increases the self-control of one’s identity and privacy which is at the center of the activity.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Ateniese, G., Camenish, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)
Ateniese, G., Tsudik, G.: Some open issues and new directions in group signatures. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 196–211. Springer, Heidelberg (1999)
Benjumea, V., Lopez, J., Montenegro, J.A., Troya, J.M.: A first approach to provide anonymity in attribute certificates. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 402–415. Springer, Heidelberg (2004)
Benjumea, V., Lopez, J., Troya, J.M.: Anonymous attribute certificates based on traceable signatures. Internet Research 16(2), 120–139 (2006)
Brands, S.A.: Rethinking Public Key Infrastructures and Digital Certificates Building in Privacy, The MIT Press, Cambridge (August 2000)
Camenisch, J., Lysyanskaya, A.: Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R., Sherman, A. (eds.) CRYPTO 1982: Advances in Cryptology, pp. 199–203. Plenum Press, Santa Barbara, CA (August 1983)
Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Chaum, D., Evertse, J.H.: A secure and privacy-protecting protocol for transmitting personal information between organizations. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 118–170. Springer, Heidelberg (1987)
Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)
Chen, L.: Access with pseudonyms. In: Dawson, E.P., Golić, J.D. (eds.) Cryptography: Policy and Algorithms. LNCS, vol. 1029, pp. 232–243. Springer, Heidelberg (1996)
Choi, S.G., Park, K., Yung, M.: Short traceable signatures based on bilinear pairings. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 88–103. Springer, Heidelberg (2006)
Dierks, T., Rescorla, E.: RFC-4346. The Transport Layer Security (TLS) Protocol. The Internet Society (April 2006)
Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in Ad Hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)
Ellison, C.: RFC-2692. SPKI requirements. IETF SPKI Working Group (September 1999)
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: RFC-2693. SPKI certificate theory. IETF SPKI Working Group (September 1999)
Farrel, S., Housley, R.: RFC-3281. An Internet Attribute Certificate Profile for Authorization. The Internet Society (April 2002)
FIPS 186. Digital Signature Standard. U.S. Department of Commerce/N.I.S.T., National Technical Information Service, Springfield, Virginia (1994)
Freier, A., Karlton, P., Kocher, P.: The SSL Protocol. Netscape (November 1996)
Housley, R., Polk, W., Ford, W., Solo, D.: RFC-3280. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. The Internet Society (April 2002)
Identity 2.0, http://www.identity20.com/
ITU-T Recommendation X.509. Information Technology - Open systems interconnection - The Directory: Authentication Framework (June 1997)
ITU-T Recommendation X.509. Information Technology - Open systems interconnection - The Directory: Public-key and attribute certificate frameworks (March 2000)
Kiayias, A., Tsiounis, Y., Yung, M.: Traceable signatures. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 571–589. Springer, Heidelberg (2004)
Lysyanskaya, A., Rivest, R., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, Springer, Heidelberg (2000)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: RFC-2560. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. The Internet Society (June 1999)
Nguyen, L., Safavi-Naini, R.: Efficient and provably secure trapdoor-free group signature schemes from bilinear pairings. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 372–386. Springer, Heidelberg (2004)
Persiano, P., Visconti, I.: A secure and private system for subscription-based remote services. ACM Trans. on Information and System Security 6(4), 472–500 (2003)
Persiano, P., Visconti, I.: An efficient and usable multi-show non-transferable anonymous credential system. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 196–211. Springer, Heidelberg (2004)
Rivest, R., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)
Schechter, S., Parnell, T., Hartemink, A.: Anonymous authentication of membership in dynamic groups. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 184–195. Springer, Heidelberg (1999)
Stubblebine, S.G., Syverson, P.F., Goldschlag, D.M.: Unlinkable serial transactions: Protocols and applications. ACM Trans. on Information and System Security 2(4), 354–389 (1999)
Verheul, E.R.: Self-blindable credential certificates from the weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 533–551. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Benjumea, V., Choi, S.G., Lopez, J., Yung, M. (2007). Anonymity 2.0 – X.509 Extensions Supporting Privacy-Friendly Authentication. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds) Cryptology and Network Security. CANS 2007. Lecture Notes in Computer Science, vol 4856. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76969-9_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-76969-9_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76968-2
Online ISBN: 978-3-540-76969-9
eBook Packages: Computer ScienceComputer Science (R0)