Privacy-Preserving Electronic Ticket Scheme with Attribute-based Credentials

Electronic tickets (e-tickets) are electronic versions of paper tickets, which enable users to access intended services and improve services' efficiency. However, privacy may be a concern of e-ticket users. In this paper, a privacy-preserving electronic ticket scheme with attribute-based credentials is proposed to protect users' privacy and facilitate ticketing based on a user's attributes. Our proposed scheme makes the following contributions: (1) users can buy different tickets from ticket sellers without releasing their exact attributes; (2) two tickets of the same user cannot be linked; (3) a ticket cannot be transferred to another user; (4) a ticket cannot be double spent; (5) the security of the proposed scheme is formally proven and reduced to well known (q-strong Diffie-Hellman) complexity assumption; (6) the scheme has been implemented and its performance empirically evaluated. To the best of our knowledge, our privacy-preserving attribute-based e-ticket scheme is the first one providing these five features. Application areas of our scheme include event or transport tickets where users must convince ticket sellers that their attributes (e.g. age, profession, location) satisfy the ticket price policies to buy discounted tickets. More generally, our scheme can be used in any system where access to services is only dependent on a user's attributes (or entitlements) but not their identities.Comment: 18pages, 6 figures, 2 table

A fair payment system with online anonymous transfer

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 2007.Includes bibliographical references (p. 26-27).Physical cash can be anonymously transfered. Transferability is a desirable property because it allows for flexible, private commerce where neither the seller nor the buyer must identify themselves to the bank. In some cases, however, anonymity can be abused and lead to problems such as blackmail and money laundering. In 1996, Camenisch, Piveteau, and Stadler introduced the concept of fairness for (non-transferable) ECash, where a trusted authority can revoke the anonymity of certain transactions as needed. To our knowledge, no current ECash system supports both anonymous transfer and fairness. We have designed and implemented such a system. Also, we formally describe a set of desirable properties for ECash systems and prove that our system meets all of these properties under the Strong RSA assumption and the Decisional Diffie-Hellman assumption in the random oracle model. Furthermore, we provide extensions for our system that could allow it to deal with offline payments and micropayments. Our system has been implemented in java. Tests have shown that it performs and scales well, as expected.by Bin D. Vo.M.Eng

Distributed Protocols at the Rescue for Trustworthy Online Voting

While online services emerge in all areas of life, the voting procedure in many democracies remains paper-based as the security of current online voting technology is highly disputed. We address the issue of trustworthy online voting protocols and recall therefore their security concepts with its trust assumptions. Inspired by the Bitcoin protocol, the prospects of distributed online voting protocols are analysed. No trusted authority is assumed to ensure ballot secrecy. Further, the integrity of the voting is enforced by all voters themselves and without a weakest link, the protocol becomes more robust. We introduce a taxonomy of notions of distribution in online voting protocols that we apply on selected online voting protocols. Accordingly, blockchain-based protocols seem to be promising for online voting due to their similarity with paper-based protocols