Abstract
This chapter concerns cryptographic schemes that enable digital data to be signed in a pseudonymized way. The schemes aim to provide strong cryptographic evidence of the integrity of the signed data and the origin of the signature, but at the same time have to hide the identity of the signatory. Two crucial properties are specific to pseudonymous signatures: the ability to recover the real identity of the signatory in certain circumstances, and resilience to Sybil attacks. Despite using a single private key, the signatory can create a (single) unlinkable pseudonym for each domain or sector of activity and generate signatures corresponding to this pseudonym.
This research was done when all authors were affiliated with Wrocław University of Science and Technology.
Acknowledgements
This research was supported by the National Science Centre (Poland) under grant OPUS no 2014/15/B/ST6/02837.
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Błaśkiewicz, P. et al. (2019). Pseudonymous Signature Schemes. In: Li, KC., Chen, X., Susilo, W. (eds) Advances in Cyber Security: Principles, Techniques, and Applications. Springer, Singapore. https://doi.org/10.1007/978-981-13-1483-4_8
DOI: https://doi.org/10.1007/978-981-13-1483-4_8
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-1482-7
Online ISBN: 978-981-13-1483-4
eBook Packages: Computer Science, Computer Science (R0)