A study of pairing-based anonymous authentication systems and their applications

User authentication systems have recently been widely adopted in network service systems so that only valid users can access the services. In these systems, the Service Providers (SPs) can identify the users, record their behavior at the services, and extract their profiles, which may cause a serious privacy problem. One cryptographic solution to this privacy problem is a group signature scheme. In this scheme, a user can sign a digital message on behalf of the group, and the verifier can then verify the signature anonymously. Another solution is an anonymous credential system. This system allows an issuer to issue a certificate containing specified attributes of the user. Using this certificate, the user can anonymously convince the verifier that they possess the certificate, disclosing the selected attributes without revealing any other information about the user. RSA-based group signature schemes and anonymous credential systems have previously been proposed for constructing anonymous authentication systems. However, the RSA-based constructions incur a high computation time. In contrast, pairing-based schemes using Elliptic Curve Cryptography (ECC) can achieve more practical solutions due to their much shorter signatures. Pairing-based anonymous authentication systems are therefore desirable.

In this thesis, first, we propose a pairing-based anonymous IEEE 802.1X authentication system for wireless LANs that uses a pairing-based group signature scheme. Since no user identity is revealed during authentication, Internet Service Providers (ISPs) cannot collect any personal information. As an efficient revocable group signature scheme, we adopt a Verifier-Local Revocation (VLR) type scheme, with some modifications to make use of fast pairing computation. We present the implementation of the proposal and the evaluation results, which show the practicality of our system with up to 1,000 revoked users.
Second, we propose a pairing-based group signature scheme with an efficient revocation check. The previously proposed VLR group signature scheme reduces the load on signers by concentrating the user revocation process at the verifiers. Since the revocation process requires a lot of computation, the VLR scheme is suitable for users (signers) with mobile terminals, which are usual in mobile environments. However, because a pairing computation is necessary for each revoked user in this scheme, the verification cost is linear in the number of revoked users. In our proposed scheme, this load on the verifiers is reduced based on the observation that a product of pairings can be computed faster than the same pairings computed separately. Our experimental results show that our scheme reduces the verification time by 10% compared with the original one.

Third, we propose a pairing-based anonymous attribute authentication system suitable for electronic identification. Currently, electronic identity (eID), such as an eID card, is often used for identification. The eID is usually issued by a trusted organiza-
