Privacy-Friendly Access Control Based on Personal Attributes

  • Jan Hajny
  • Lukas Malina
  • Ondrej Tethal
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8639)


In attribute-based access control systems, the attribute ownership instead of identity is verified before an access to private services or areas is granted. This approach allows more privacy-friendly verification of users since only individual attributes (such as age, citizenship or ticket ownership) are disclosed to service providers, not the complete identity. Unfortunately, there are very few cryptographic systems allowing practical attribute-based access control system implementations. The lack of cryptographic schemes is caused by the fact that the good balance between privacy and accountability is very difficult to achieve. In this paper, the first implementation of the HM12 attribute-based scheme and a practical choice of its security parameters are presented. The cryptographic scheme is implemented on off-the-shelf hardware, namely on MultOS programmable smart-cards and, experimentally, on Android devices. Finally, the results from our pilot deployment of the access-control system and the obtained user feedback are presented.


Access Control Anonymity Smart-Cards Privacy Attri-butes Security Cryptography 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    U-prove sdk overview. White paper. Tech. rep., Credentica Inc. (2007),
  2. 2.
    Apache maven project (2014),
  3. 3.
    I reveal my attributes, irma (2014),
  4. 4.
    Abendroth, J., Liagkou, V., Pyrgelis, A., Raptopoulos, C., et al.: D7. 1 application description for students. Technical report, ABC4Trust (2012)Google Scholar
  5. 5.
    Bao, F.: An efficient verifiable encryption scheme for encryption of discrete logarithms. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 2000. LNCS, vol. 1820, pp. 213–220. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Bcheri, S., Goetze, N., Orski, M., Zwingelberg, H.: D6. 1 application description for the school deployment. Technical report, ABC4Trust (2012)Google Scholar
  7. 7.
    Bichsel, P., Camenisch, J., Gro, T., Shoup, V.: Anonymous credentials on a standard java card. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 600–610. ACM Press (2009)Google Scholar
  8. 8.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Brands, S.A.: Rethinking public key infrastructures and digital certificates. MIT Press (c2000)Google Scholar
  10. 10.
    Camenisch, J., et al.: Specification of the identity mixer cryptographic library, Tech. rep. (2010)Google Scholar
  11. 11.
    Camenisch, J., Kohlweiss, M., Soriente, C.: Solving revocation with efficient update of anonymous credentials. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 454–471. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Camenisch, J., Stadler, M.: Proof systems for general statements about discrete logarithms. Tech. rep. (1997)Google Scholar
  13. 13.
    Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, pp. 21–30. ACM, New York (2002)Google Scholar
  14. 14.
    Cramer, R.: Modular Design of Secure, yet Practical Cryptographic Protocols. Ph.D. thesis, University of Amsterdam (1996)Google Scholar
  15. 15.
    Cramer, R., Damgård, I., MacKenzie, P.: Efficient zero-knowledge proofs of knowledge without intractability assumptions. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 354–373. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  16. 16.
    Danes, L.: Smart card integration in the pseudonym system idemix. Master’s thesis, University of Groningen (2007)Google Scholar
  17. 17.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  18. 18.
    Gallagher, P., Kerry, C.: Fips pub 186-4: Digital signature standard, dss (2013),
  19. 19.
    Gosling, J., et al.: The java language specification, java se 7 edition (2013)Google Scholar
  20. 20.
    Hajny, J., Malina, L.: Unlinkable attribute-based credentials with practical revocation on smart-cards. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 62–76. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  21. 21.
    Hajny, J., Malina, L., Martinasek, Z., Tethal, O.: Performance evaluation of primitives for privacy-enhancing cryptography on current smart-cards and smart-phones. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W.M. (eds.) DPM 2013 and SETOP 2013. LNCS, vol. 8247, pp. 17–33. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  22. 22.
    Johnson, R., et al.: The spring framework - reference documentation, version 2.5.6 (2008)Google Scholar
  23. 23.
    Lapon, J., Kohlweiss, M., De Decker, B., Naessens, V.: Performance analysis of accumulator-based revocation mechanisms. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds.) SEC 2010. IFIP AICT, vol. 330, pp. 289–301. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  24. 24.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Mostowski, W., Vullers, P.: Efficient U-prove implementation for anonymous credentials on smart cards. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds.) SecureComm 2011. LNICST, vol. 96, pp. 243–260. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  26. 26.
    Okamoto, T., Uchiyama, S.: A new public-key cryptosystem as secure as factoring. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 308–318. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  27. 27.
    Paquin, C.: U-prove cryptographic specification v1.1, Tech. rep. (2011)Google Scholar
  28. 28.
    Tews, H., Jacobs, B.: Performance issues of selective disclosure and blinded issuing protocols on java card. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) WISTP 2009. LNCS, vol. 5746, pp. 95–111. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jan Hajny
    • 1
  • Lukas Malina
    • 1
  • Ondrej Tethal
    • 2
  1. 1.Cryptology Research GroupBrno University of TechnologyCzech Republic
  2. 2.OKsystemCzech Republic

Personalised recommendations