Advertisement

Pseudonymous Signature Schemes

  • Przemysław Błaśkiewicz
  • Lucjan Hanzlik
  • Kamil Kluczniak
  • Łukasz Krzywiecki
  • Mirosław Kutyłowski
  • Marcin Słowik
  • Marta Wszoła
Chapter

Abstract

The chapter concerns cryptographic schemes enabling to sign digital data in a pseudonymized way. The schemes aim to provide a strong cryptographic evidence of integrity of the signed data and origin of the signature, but at the same time have to hide the identity of the signatory. There are two crucial properties that are specific for pseudonymous signatures: ability to recover the real identity of the signatory in certain circumstances and resilience to Sybil attacks. Despite using a single private key, the signatory can create a (single) unlinkable pseudonym for each domain or sector of activity and generate signatures corresponding to this pseudonym.

Notes

Acknowledgements

This research was supported by the National Science Centre (Poland) under grant OPUS no 2014/15/B/ST6/02837.

References

  1. 1.
    Alwen, J., Dodis, Y., & Wichs, D. (2009). Leakage-resilient public-key cryptography in the bounded-retrieval model. In S. Halevi (ed.), Advances in Cryptology - CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, 16–20 August 2009. Proceedings (pp. 36–54). Berlin: Springer.  https://doi.org/10.1007/978-3-642-03356-8_3.CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Fischlin, M., Goldwasser, S., & Micali, S. (2001). Identification protocols secure against reset attacks. In B. Pfitzmann (ed.), Advances in Cryptology — EUROCRYPT 2001: International Conference on the Theory and Application of Cryptographic Techniques Innsbruck, Austria, 6–10 May 2001, Proceedings (pp. 495–511). Berlin: Springer.  https://doi.org/10.1007/3-540-44987-6_30.Google Scholar
  3. 3.
    Boneh, D., & Boyen, X. (2008). Short signatures without random oracles and the SDH assumption in bilinear groups. Journal of Cryptology, 21(2), 149–177.  https://doi.org/10.1007/s00145-007-9005-7.MathSciNetCrossRefGoogle Scholar
  4. 4.
    Bringer, J., Chabanne, H., Lescuyer, R., & Patey, A. (2014). Efficient and strongly secure dynamic domain-specific pseudonymous signatures for ID documents. IACR Cryptology ePrint Archive, 2014, 67. http://eprint.iacr.org/2014/067.
  5. 5.
    BSI: Technical guideline TR-03110 v2.21 – advanced security mechanisms for machine readable travel documents and eIDAS token (2016). https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html.
  6. 6.
    Camenisch, J., & Lehmann, A. (2017). Privacy for distributed databases via (un) linkable pseudonyms. IACR Cryptology ePrint Archive, 2017, 22.Google Scholar
  7. 7.
    Camenisch, J., & Lysyanskaya, A. (2004). Signature schemes and anonymous credentials from bilinear maps. In Annual International Cryptology Conference (pp. 56–72). Berlin: Springer.CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Goldreich, O., Goldwasser, S., & Micali, S. (2000). Resettable zero-knowledge (extended abstract). In Proceedings of the Thirty-Second Annual ACM Symposium on Theory of Computing, STOC’00 (pp. 235–244). New York: ACM.  https://doi.org/10.1145/335305.335334.
  9. 9.
    Chen, L., & Li, J. (2010). Revocation of direct anonymous attestation. In L. Chen & M. Yung (eds.), Trusted Systems: Second International Conference, INTRUST 2010, Beijing, China, 13–15 December 2010, Revised Selected Papers (pp. 128–147). Berlin: Springer.  https://doi.org/10.1007/978-3-642-25283-9_9.CrossRefGoogle Scholar
  10. 10.
    Cramer, R., & Shoup, V. (1998). A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In H. Krawczyk (ed.), Advances in Cryptology - CRYPTO’98, 18th Annual International Cryptology Conference, Santa Barbara, California, USA, 23–27 August 1998, Proceedings (Vol. 1462, pp. 13–25). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/BFb0055717.CrossRefGoogle Scholar
  11. 11.
    Dolev, S., & Lodha, S. (eds.), Cyber Security Cryptography and Machine Learning - First International Conference, CSCML 2017, Beer-Sheva, Israel, 29–30 June 2017, Proceedings (Vol. 10332). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/978-3-319-60080-2.Google Scholar
  12. 12.
    Hanzlik, L., Kluczniak, K., & Kutyłowski, M. (2016). Controlled randomness - a defense against backdoors in cryptographic devices. In R.C. Phan & M. Yung (eds.), Paradigms in Cryptology - Mycrypt 2016. Malicious and Exploratory Cryptology - Second International Conference, Mycrypt 2016, Kuala Lumpur, Malaysia, 1–2 December 2016, Revised Selected Papers (Vol. 10311, pp. 215–232). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/978-3-319-61273-7_11.zbMATHGoogle Scholar
  13. 13.
    Hanzlik, L., Kluczniak, K., Kutyłowski, M., & Dolev, S. (2016). Local self-organization with strong privacy protection. In Trustcom/BigDataSE/ISPA, 2016 IEEE (pp. 775–782). IEEE.Google Scholar
  14. 14.
    Klonowski, M., Kutyłowski, M., Lauks, A., & Zagórski, F. (2005). Conditional digital signatures. In S.K. Katsikas, J. Lopez, & G. Pernul (eds.), Trust, Privacy and Security in Digital Business: Second International Conference, TrustBus 2005, Copenhagen, Denmark, 22–26 August 2005, Proceedings (Vol. 3592, pp. 206–215). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/11537878_21.CrossRefGoogle Scholar
  15. 15.
    Kluczniak, K. (2015). Anonymous authentication using electronic identity documents. Ph.D thesis. Institute of Computer Science, Polish Academy of Sciences.Google Scholar
  16. 16.
    Kluczniak, K., Hanzlik, L., & Kutyłowski, M. (2016). A formal concept of domain pseudonymous signatures. In F. Bao, L. Chen, R.H. Deng, & G. Wang (eds.), Information Security Practice and Experience - 12th International Conference, ISPEC 2016, Zhangjiajie, China, 16–18 November 2016, Proceedings (Vol. 10060, pp. 238–254). Lecture Notes in Computer Science.  https://doi.org/10.1007/978-3-319-49151-6_17.CrossRefGoogle Scholar
  17. 17.
    Kluczniak, K., Wang, J., Chen, X., & Kutyłowski, M. (2016). Multi-device anonymous authentication. In J. Chen, V. Piuri, C. Su, & M. Yung (eds.), Network and System Security - 10th International Conference, NSS 2016, Taipei, Taiwan, 28–30 September 2016, Proceedings (Vol. 9955, pp. 21–36). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/978-3-319-46298-1_2.CrossRefGoogle Scholar
  18. 18.
    Krzywiecki, Ł. (2016). Schnorr-like identification scheme resistant to malicious subliminal setting of ephemeral secret. In I. Bica & R. Reyhanitabar (eds.), Innovative Security Solutions for Information Technology and Communications - 9th International Conference, SECITC 2016, Bucharest, Romania, 9–10 June 2016, Revised Selected Papers (Vol. 10006, pp. 137–148). Lecture Notes in Computer Science.  https://doi.org/10.1007/978-3-319-47238-6_10.CrossRefGoogle Scholar
  19. 19.
    Krzywiecki, Ł., & Kutyłowski, M. (2017). Security of Okamoto identification scheme: A defense against ephemeral key leakage and setup. In C. Wang & M. Kantarcioglu (eds.), Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing, SCC@AsiaCCS 2017, Abu Dhabi, United Arab Emirates, 2 April 2017 (pp. 43–50). ACM.  https://doi.org/10.1145/3055259.3055267.
  20. 20.
    Kutyłowski, M., Hanzlik, L., & Kluczniak, K. (2016). Pseudonymous signature on eIDAS token - implementation based privacy threats. In J.K. Liu & R. Steinfeld (eds.), Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Melbourne, VIC, Australia, 4–6 July 2016, Proceedings, Part II (vol. 9723, pp. 467–477). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/978-3-319-40367-0_31.CrossRefGoogle Scholar
  21. 21.
    Lysyanskaya, A., Rivest, R.L., Sahai, A., & Wolf, S. (1999). Pseudonym systems. In H.M. Heys & C.M. Adams (eds.), Selected Areas in Cryptography, 6th Annual International Workshop, SAC’99, Kingston, Ontario, Canada, 9–10 August 1999, Proceedings (Vol. 1758, pp. 184–199). Lecture Notes in Computer Science. Berlin: Springer.  https://doi.org/10.1007/3-540-46513-8_14.CrossRefGoogle Scholar
  22. 22.
    Patey, A. (2014). Techniques cryptographiques pour l’authentification et l’identification biométriques respectant la vie privée (Cryptographic techniques for privacy-preserving biometric authentication and identification). Ph.D. thesis. TELECOM ParisTech.Google Scholar
  23. 23.
    Pointcheval, D., & Sanders, O. (2016) Short randomizable signatures. In Cryptographers Track at the RSA Conference (pp. 111–126). Berlin: Springer.CrossRefGoogle Scholar
  24. 24.
    Slowik, M., & Wszola, M. (2017). An efficient verification of CL-LRSW signatures and a pseudonym certificate system. In Proceedings of the 4th ACM International Workshop on ASIA Public-Key Cryptography, APKC’17 (pp. 13–23). New York: ACM.  https://doi.org/10.1145/3055504.3055506.
  25. 25.
    The European Parliament and the Council of the European Union: Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (2014). http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2014.257.01.0073.01.ENG.
  26. 26.
    The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ec (General Data Protection Regulation) (2016). Official Journal of the European Union, 119(1).Google Scholar
  27. 27.
    Thomas, K., Li, F., Zand, A., Barrett, J., Ranieri, J., Invernizzi, L., et al. (2017). Data breaches, phishing, or malware?: Understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 1421–1434). Providence: ACM.Google Scholar
  28. 28.
    Young, A.L., & Yung, M. (2004). Malicious cryptography - exposing cryptovirology. New York: Wiley.Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Przemysław Błaśkiewicz
    • 1
  • Lucjan Hanzlik
    • 2
  • Kamil Kluczniak
    • 3
  • Łukasz Krzywiecki
    • 1
  • Mirosław Kutyłowski
    • 1
  • Marcin Słowik
    • 1
  • Marta Wszoła
    • 1
  1. 1.Department of Computer Science, Faculty of Fundamental Problems of TechnologyWrocław University of Science and TechnologyWrocławPoland
  2. 2.Stanford University and CISPASaarland UniversitySaarbruckenGermany
  3. 3.CISPASaarland UniversitySaarbruckenGermany

Personalised recommendations