Skip to main content
SpringerLink
Log in

SeDiCi: An Authentication Service Taking Advantage of Zero-Knowledge Proofs

  • Conference paper
Book cover Financial Cryptography and Data Security (FC 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6052))

Included in the following conference series:

Abstract

Transmission of users’ profiles over insecure communication means is a crucial task of today’s ecommerce applications. In addition, the users have to createmany profiles and remember many credentials. Thus they retype the same information over and over again. Each time the users type their credentials, they expose them to phishing or eavesdropping attempts.These problems could be solved by using Single Sign-on (SSO). The idea of SSO is that the users keep using the same set of credentials when visiting different websites. For web-aplications, OpenID1. is the most prominent solution that partially impelemtns SSO. However, OpenID is prone to phishing attempts and it does not preserve users’ privacy [1].

To address phishing and eavesdropping, we developed SeDiCi, a secure SSO. This technology takes advantage of Zero-Knowledge Proof (ZKP) authentication that is based on our previous work [2]. The technology also supports RESTbased API that enables taking advantage of the service by mobile phones, webapplications and other client applications. To provide interoperability with other systems, SeDiCi stores data using semantic web standards such as FOAF. Thus, the users are able to use their profiles and social networks from other services.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Adida, B.: Beamauth: two-factor web authentication with a bookmark. In: CCS 2007: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 48–57. ACM, New York (2007)

    Chapter  Google Scholar 

  2. Grzonkowski, S., Zaremba, W., Zaremba, M., McDaniel, B.: Extending web applications with a lightweight zero knowledge proof authentication. In: CSTST 2008: Proceedings of the 5th International Conference on Soft Computing as Transdisciplinary Science and Technology, pp. 65–70. ACM, New York (2008)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Digital Enterprise Research Institute National, University of Ireland, Galway, IDA Business Park, Galway, Ireland

    Sławomir Grzonkowski

Authors
  1. Sławomir Grzonkowski
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, Stony Brook, Stony Brook University, 11794, NY, USA

    Radu Sion

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Grzonkowski, S. (2010). SeDiCi: An Authentication Service Taking Advantage of Zero-Knowledge Proofs. In: Sion, R. (eds) Financial Cryptography and Data Security. FC 2010. Lecture Notes in Computer Science, vol 6052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14577-3_40

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14577-3_40

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14576-6

  • Online ISBN: 978-3-642-14577-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation