A secure and private system for subscription-based remote services

In this paper we study privacy issues regarding the use of the SSL/TLS protocol and X.509 certificates. Our main attention is placed on subscription-based remote services (e.g., subscription to newspapers and databases) where the service manager charges a flat fee for a period of time independent of the actual number of times the service is requested. We start by pointing out that restricting access to such services by using X.509 certificates and the SSL/TLS protocol, while preserving the interests of the service managers, neglects the users' right to privacy. We then propose the concept of a crypto certificate and the Secure and Private Socket Layer protocol (SPSL protocol, in short) and show how they can be used to preserve user privacy while, at the same time, protecting the interests of the service managers. The SPSL protocol only requires the user to have a standard X.509 certificate (with an RSA key) and does not require the user to get any special ad hoc certificate. Finally, we show the viability of the proposed solution by describing a system based on SPSL for secure and private access to subscription-based web services. Our implementation includes an SPSL proxy for a TLS-enabled web client and a module for the Apache web server along with administrative tools for the server side. The system has been developed starting from the implementation of an API for the SPSL protocol that we describe in the paper.
