Attribute Based Pseudonyms : Anonymous and Linkable Scoped Credentials

Attribute-based credentials (ABCs) provide an efficient way to transfer custody of personal and private data to the final user, while minimizing the risk of sensitive data revelation and thus granting anonymity. Nevertheless, this method cannot detect whether one attribute has been used more than once without compromising anonymity when the emitter and consumer collude with one another. The protocol proposed in this article deals with this issue by using a modification of ZSS pairing-based short signatures over elliptic curves and Verheul's self-blinded credentials scheme. Each user can generate an identifier (pseudonym) that is unique and verifiable by everyone in a given scope, without compromising anonymity. However, the identifier cannot be reused in the same scope, since such reuse would be detected

Threats and countermeasures for network security

In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented

RHyTHM: A Randomized Hybrid Scheme To Hide in the Mobile Crowd

Any on-demand pseudonym acquisition strategy is problematic should the connectivity to the credential management infrastructure be intermittent. If a vehicle runs out of pseudonyms with no connectivity to refill its pseudonym pool, one solution is the on-the-fly generation of pseudonyms, e.g., leveraging anonymous authentication. However, such a vehicle would stand out in the crowd: one can simply distinguish pseudonyms, thus signed messages, based on the pseudonym issuer signature, link them and track the vehicle. To address this challenge, we propose a randomized hybrid scheme, RHyTHM, to enable vehicles to remain operational when disconnected without compromising privacy: vehicles with valid pseudonyms help others to enhance their privacy by randomly joining them in using on-the-fly self-certified pseudonyms along with aligned lifetimes. This way, the privacy of disconnected users is enhanced with a reasonable computational overhead.Comment: 4 pages, 4 figures, IEEE Vehicular Networking Conference (VNC), November 27-29, 2017, Torino, Ital

Web3.0 Security: Privacy Enhancing and Anonym Auditing in Blockchain-based Structures

The advent of Web 3.0, underpinned by blockchain technologies, promises to transform the internet's landscape by empowering individuals with decentralized control over their data. However, this evolution brings unique security challenges that need to be addressed. This paper explores these complexities, focusing on enhancing privacy and anonymous auditing within blockchain structures. We present the architecture of Web 3.0 based on the blockchain, providing a clear perspective on its workflow and security mechanisms. A security protocol for Web 3.0 systems, employing privacy-preserving techniques and anonymous auditing during runtime, is proposed. Key components of our solution include the integration of privacy-enhancing techniques and the utilization of Tor for anonymous auditing. We discuss related work and propose a framework that meets these new security requirements. Lastly, we offer an evaluation and comparison of our model to existing methods. This research contributes towards the foundational understanding of Web 3.0's secure structure and offers a pathway towards secure and privacy-preserving digital interactions in this novel internet landscape