An identification protocol has to deliver a proof that the protocol participants are who they claim to be. Related to the circumstances, the proof must be sufficiently convincing for the addressee. On the other hand, as long as the data minimality principle is concerned, the proof should be useless for any party that is not the intended addressee. While the first goal has attracted a lot of attention, the second one has been rather neglected.
In this paper we discuss requirements for identification protocols from the point of view of privacy protection requirements of the GDPR regulation introduced in Europe. We concern the problem of cryptographic data created by identification protocols and misusing them as an evidence presented to third parties. We concern in particular the case when it appears that a malicious participant follows the protocol, however the privacy protection guarantees supposedly provided by the scheme are effectively broken.
We show that from the point of view of GDPR the classical schemes like static Diffie-Hellman, Schnorr, Wu, Stinson-Wu, and Di Raimondo-Gennaro fail to comply with the EU Regulation even if they are deniable.
The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ec (General Data Protection Regulation). Off. J. Eur. Union 119(1) (2016)Google Scholar