Pseudonym Technology for E-Services

Pseudonym technology is attracting more and more attention and, together with privacy violations, is becoming a major issue in various e-services. Current e-service systems make personal data collection very easy and efficient through integration, interconnection, and data mining technologies since they use the user’s real identity. Pseudonym technology with unlinkability, anonymity, and accountability can give the user the ability to control the collection, retention, and distribution of his or her personal information. This chapter explores the challenges, issues, and solutions associated with pseudonym technology for privacy protection in e-services. To have a better understanding of how the pseudonym technology provides privacy protection in e-services, we describe a general pseudonym system architecture, discuss its relationships with other privacy technologies, and summarize its requirements. Based on the requirements, we review, analyze, and compare a number of existing pseudonym technologies. We then give an example of a pseudonym practice — e-wallet for eservices and discuss current issues. IDEA GROUP PUBLISHING This paper appears in the publication, Privacy Protection for E-Services edited by George Yee © 2006, Idea Group Inc. 701 E. Chocolate Avenue, Suite 200, Hershey PA 17033-1240, USA Tel: 717/533-8845; Fax 717/533-8661; URL-http://www.idea-gr up.com ITB12167

[1]  Nam-Yih Lee Fairness and privacy on pay-per view system for Web-based video service , 2000, IEEE Trans. Consumer Electron..

[2]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[3]  S. Kim,et al.  A new electronic check system with reusable refunds , 2002, International Journal of Information Security.

[4]  Lidong Chen Access with Pseudonyms , 1995, Cryptography: Policy and Algorithms.

[5]  Jean-François Raymond,et al.  Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[6]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[7]  David Chaum,et al.  A Secure and Privacy-protecting Protocol for Transmitting Personal Information Between Organizations , 1986, CRYPTO.

[8]  Ronggong Song,et al.  Analysis of privacy and non-repudiation on pay-TV systems , 2001, IEEE Trans. Consumer Electron..

[9]  Stig Fr. Mjølsnes,et al.  On-Line E-Wallet System with Decentralized Credential Keepers , 2003, Mob. Networks Appl..

[10]  Birgit Pfitzmann,et al.  Loss-tolerance for electronic wallets , 1990, [1990] Digest of Papers. Fault-Tolerant Computing: 20th International Symposium.

[11]  Horng-Twu Liaw,et al.  A secure electronic voting protocol for general elections , 2004, Comput. Secur..

[12]  Chin-Laung Lei,et al.  A Verifiable Multi-Authority Secret Election Allowing Abstention from Voting , 2002, Comput. J..

[13]  George Yee,et al.  Semiautomatic Derivation and Use of Personal Privacy Policies in E-Business , 2005, Int. J. E Bus. Res..

[14]  Ronggong Song,et al.  How to make e-cash with non-repudiation and anonymity , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[15]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[16]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[17]  George Yee,et al.  An agent architecture for e-services privacy policy compliance , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[18]  Paul Syverson,et al.  Onion Routing for Anonymous and Private Internet Connections , 1999 .

[19]  Andreu Riera Jorba,et al.  Advanced Security to Enable Trustworthy Electronic Voting , 2003 .

[20]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[21]  Ronggong Song,et al.  Pay-TV system with strong privacy and non-repudiation protection , 2003, IEEE Trans. Consumer Electron..

[22]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[23]  Lance J. Hoffman Internet voting: will it spur or corrupt democracy? , 2000, CFP '00.

[24]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[25]  Ronald Cramer,et al.  The ESPRIT Project CAFE - High Security Digital Payment Systems , 1994, ESORICS.

[26]  Chun-Li Lin,et al.  Privacy and non-repudiation on pay-TV systems , 2000, IEEE Trans. Consumer Electron..

[27]  Stefan A. Brands,et al.  An Efficient Off-line Electronic Cash System Based On The Representation Problem. , 1993 .

[28]  David Chaum,et al.  Elections with Unconditionally-Secret Ballots and Disruption Equivalent to Breaking RSA , 1988, EUROCRYPT.

[29]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[30]  Hannes Federrath,et al.  Web MIXes: A System for Anonymous and Unobservable Internet Access , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[31]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[32]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[33]  Shingo MIYAZAKI,et al.  A More Efficient Untraceable E-Cash System with Partially Blind Signatures Based on the Discrete Logarithm Problem , 1998, Financial Cryptography.

[34]  David A. Wagner,et al.  Privacy-enhancing technologies for the Internet , 1997, Proceedings IEEE COMPCON 97. Digest of Papers.

[35]  Ian Goldberg,et al.  A Description of Protocols for Private Credentials , 2001, IACR Cryptol. ePrint Arch..

[36]  Masayuki Abe,et al.  How to Date Blind Signatures , 1996, ASIACRYPT.

[37]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.