Anonymity Protocol with Identity Escrow and Analysis in the Applied π-Calculus

  • Aybek Mukhamedov
  • Mark D. Ryan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4912)


Anonymity with identity escrow attempts to allow users of a service to remain anonymous, while providing the possibility that the service owner can break the anonymity if the service is misused. We introduce a new protocol in which the user’s identity is distributed among several token providers. Anonymity is assured provided at least one of the token providers is honest (and the misuse has not occurred). We analyse the protocol in the applied π-calculus.


Normal Form Anonymous Credential Private Channel Honest User Honest Agent 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Harris interactive. In: IBM multi-national consumer privacy survey (October 1999)Google Scholar
  2. 2.
    Business Week/Harris poll: A growing threat. In: Business Week (March 2000)Google Scholar
  3. 3.
    Backes, M., Meadows, C., Mitchell, J.C.: Relating cryptography and formal methods: a panel. In: FMSE, pp. 61–66 (2003)Google Scholar
  4. 4.
    Camenisch, J., Lysyanskaya, A.: An identity escrow scheme with appointed verifiers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 388–407. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)Google Scholar
  7. 7.
    Cranor, L.F., Reagle, J., Ackerman, M.: Beyond concern: Understanding net users’ attitudes about online privacy. Technical report, AT&T Labs-Research (1999)Google Scholar
  8. 8.
    Kiayias, A., Yung, M.: Group signatures: Provable security, efficient constructions and anonymity from trapdoor-holders. Cryptology ePrint Archive, Report 2004/076 (2004),
  9. 9.
    Kilian, J., Petrank, E.: Identity escrow. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 169–187. Springer, Heidelberg (1998)Google Scholar
  10. 10.
    Leighton, F.T.: Failsafe key escrow systems. Technical Memo 483, MIT Laboratory for Computer Science (1994)Google Scholar
  11. 11.
    Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Marshall, L.F., Molina-Jiminez, C.: Anonymity with identity escrow. In: Dimitrakos, T., Martinelli, F. (eds.), Proceedings of the 1st International Workshop on Formal Aspects in Security and Trust, pp. 121–129, Istituto di Informatica e Telematica, Pisa (2003)Google Scholar
  13. 13.
    Micali, S.: Fair public-key cryptosystems. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, Springer, Heidelberg (1993)Google Scholar
  14. 14.
    Mukhamedov, A., Ryan, M.D.: On anonymity with identity escrow. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2005. LNCS, vol. 3866, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Aybek Mukhamedov and Mark D. Ryan. Anonymity protocol with identity escrow and analysis in the applied π-calculus (extended version) (2007),,mdr

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Aybek Mukhamedov
    • 1
  • Mark D. Ryan
    • 1
  1. 1.School of Computer ScienceUniversity of Birmingham 

Personalised recommendations