A Cryptographic Framework for the Controlled Release Of Certified Data

  • Endre Bangerter
  • Jan Camenisch
  • Anna Lysyanskaya
Chapter

Abstract

The problem of privacy protection is to control the dissemination of personal data. There exist various privacy principles that describe at a conceptual level what measures have to be taken to protect privacy. Examples of these principles are an individual’s right to access and to request correction of data about oneself and the requirement that an individual consent to the disclosure of her personal data. Another principle is that of data minimization: it states that an individual should only disclose the minimal data necessary for a given purpose. Determining which data these are is often a difficult task, and one usually needs to balance an individual’s privacy interests against the legitimate interest of other parties in the individual’s data. An example of this trade-off is an individual’s wish to be anonymous, which conflicts with the requirement of law enforcement to be able to identify and get hold of criminals. Such trade-offs impose limits on privacy that cannot be overcome by any technology.

Keywords

Data Item; Encryption Scheme; Signature Scheme; Discrete Logarithm; Commitment Scheme

Notes

Acknowledgement

The information in this document is provided as is, and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. Part of the work reported in this paper is supported by the IST PRIME project; however, it represents the view of the authors only. The PRIME project receives research funding from the Community’s Sixth Framework Programme and the Swiss Federal Office for Education and Science. Anna Lysyanskaya is supported by NSF Career grant CNS-0347661.

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  • Endre Bangerter (1)
  • Jan Camenisch
  • Anna Lysyanskaya

  1. IBM Zurich Research Laboratory, Rüschlikon, Switzerland