Identity Escrow

We introduce the notion of escrowed identity, an application of key-escrow ideas to the problem of identi cation. In escrowed identity, one party A does not give his identity to another party B, but rather gives him information that would allow an authorized third party E to determine A's identity. However, B receives a guarantee that E can indeed determine A's identity. We give protocols for escrowed identity based on the El-Gamal (signature and encryption) schemes and on the RSA function. A useful feature of our protocol is that after setting up A to use the system, E is only involved when it is actually needed to determine A's identity.

[1]  Moti Yung,et al.  Escrow Encryption Systems Visited: Attacks, Analysis and Designs , 1995, CRYPTO.

[2]  M. Yung,et al.  \indirect Discourse Proofs": Achieving Eecient Fair Oo-line E-cash , 1996 .

[3]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[4]  Holger Petersen,et al.  How to Convert any Digital Signature Scheme into a Group Signature Scheme , 1997, Security Protocols Workshop.

[5]  Jan Camenisch,et al.  Fair Blind Signatures , 1995, EUROCRYPT.

[6]  Y. Frankel Indirect discouse proofs : achieving fair off-line e-cash , 1996, CRYPTO 1996.

[7]  Silvio Micali,et al.  A Simple Method for Generating and Sharing Pseudo-Random Functions, with Applications to Clipper-like Escrow Systems , 1995, CRYPTO.

[8]  Ivan Damgård,et al.  On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures , 1993, CRYPTO.

[9]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[10]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[11]  Silvio Micali,et al.  Fair Public-Key Cryptosystems , 1992, CRYPTO.

[12]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[13]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[14]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[15]  Ernest F. Brickell,et al.  Trustee-based tracing extensions to anonymous cash and the making of anonymous change , 1995, SODA '95.

[16]  Mihir Bellare,et al.  Verifiable partial key escrow , 1997, CCS '97.

[17]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[18]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[19]  Mihir Bellare,et al.  Encapsulated Key Escrow , 1996 .

[20]  Jan Camenisch,et al.  Efficient and Generalized Group Signatures , 1997, EUROCRYPT.

[21]  Peter Winkler,et al.  A Key Escrow System with Warrant Bounds , 1995, CRYPTO.

[22]  J. Camenisch Eecient Group Signature Schemes for Large Groups , 1997 .

[23]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[24]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[25]  Moti Yung,et al.  Auto-Recoverable Auto-Certifiable Cryptosystems , 1998, EUROCRYPT.

[26]  Hugo Krawczyk,et al.  Chameleon Hashing and Signatures , 1998, IACR Cryptol. ePrint Arch..

[27]  Lidong Chen,et al.  New Group Signature Schemes (Extended Abstract) , 1994, EUROCRYPT.

[28]  Ueli Maurer,et al.  Digital Payment Systems with Passive Anonymity-Revoking Trustees , 1996, ESORICS.

[29]  Moti Yung,et al.  How to share a function securely , 1994, STOC '94.

[30]  Yiannis Tsiounis,et al.  "Indirect Discourse Proof": Achieving Efficient Fair Off-Line E-cash , 1996, ASIACRYPT.

[31]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.