A pairing based cryptographic anonymous authentication scheme

Privacy and authenticity are two critical aspects of security. Our goal is to construct a protocol using pairing based cryptography that provides all of the necessary security properties, as well as make the protocol compliant to as many applications/problem domains as possible. Some motivating applications for an anonymous authentication protocol are E-commerce, E-voting, E-library, E-cash, as well as some medical applications, and mobile agent applications. Typically there are three parties involved, the user, servers, and the trusted third party TTP. Each entity in the system registers with the TTP only once. In our design we construct a fully anonymous pairing based authentication scheme, which allows each user to authenticates themselves to a server without requiring the identity of the user to be revealed. Further, in order to to deal with malicious users, we provide the TTP the capability to track malicious users.

[1]  Ari Juels,et al.  Squealing Euros: Privacy Protection in RFID-Enabled Banknotes , 2003, Financial Cryptography.

[2]  Aggelos Kiayias,et al.  Anonymous Identification in Ad Hoc Groups , 2004, EUROCRYPT.

[3]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[4]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[5]  Matthew K. Franklin,et al.  Anonymous authentication with subset queries (extended abstract) , 1999, CCS '99.

[6]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[7]  Brian Neil Levine,et al.  A protocol for anonymous communication over the Internet , 2000, CCS.

[8]  Ling Liu,et al.  TrustMe: anonymous management of trust relationships in decentralized P2P systems , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[9]  Fangguo Zhang,et al.  Secure web transaction with anonymous mobile agent over internet , 2008, Journal of Computer Science and Technology.

[10]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[11]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[12]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[13]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[14]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[15]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[16]  Ian Goldberg On the Security of the Tor Authentication Protocol , 2006, Privacy Enhancing Technologies.

[17]  Sushil Jajodia,et al.  Providing witness anonymity in peer-to-peer systems , 2006, CCS '06.

[18]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[19]  Sean W. Smith,et al.  Nymble: Anonymous IP-Address Blocking , 2007, Privacy Enhancing Technologies.