173 research outputs found

    A new construction for linkable secret handshake

    Get PDF
    National Research Foundation (NRF) Singapore; AXA Research Fun

    PPAA: Peer-to-Peer Anonymous Authentication (Extended Version)

    Get PDF
    In the pursuit of authentication schemes that balance user privacy and accountability, numerous anonymous credential systems have been constructed. However, existing systems assume a client-server architecture in which only the clients, but not the servers, care about their privacy. In peer-to-peer (P2P) systems where both clients and servers are peer users with privacy concerns, no existing system correctly strikes that balance between privacy and accountability. In this paper, we provide this missing piece: a credential system in which peers are {\em pseudonymous} to one another (that is, two who interact more than once can recognize each other via pseudonyms) but are otherwise anonymous and unlinkable across different peers. Such a credential system finds applications in, e.g., Vehicular Ad-hoc Networks (VANets) and P2P networks. We formalize the security requirements of our proposed credential system, provide a construction for it, and prove the security of our construction. Our solution is efficient: its complexities are independent of the number of users in the system

    Building Trust for Lambda-Congenial Secret Groups

    Full text link
    Establishing trust while preserving privacy is a challenging research problem. In this paper we introduce lambda -congenial secret groups which allow users to recognize trusted partners based on common attributes while preserving their anonymity and privacy. Such protocols are different from authentication protocols, since the latter are based on identities, while the former are based on attributes. Introducing attributes in trust establishment allows a greater flexibility but also brings up several issues. In this paper, we investigate the problem of building trust with attributes by presenting motivating examples, analyzing the security requirements and giving an informal definition. We also survey one of the most related techniques, namely private matching, and finally present solutions based on it

    Affiliation-Hiding Authentication with Minimal Bandwidth Consumption

    Full text link
    Part 3: Lightweight AuthenticationInternational audienceAffiliation-Hiding Authentication (AHA) protocols have the seemingly contradictory property of enabling users to authenticate each other as members of certain groups, without revealing their affiliation to group outsiders. Of particular interest in practice is the group-discovering variant, which handles multiple group memberships per user. Corresponding solutions were only recently introduced, and have two major drawbacks: high bandwidth consumption (typically several kilobits per user and affiliation), and only moderate performance in scenarios of practical application.While prior protocols have O(n2) time complexity, where n denotes the number of affiliations per user, we introduce a new AHA protocol running in O(nlogn) time. In addition, the bandwidth consumed is considerably reduced. We consider these advances a major step towards deployment of privacy-preserving methods in constraint devices, like mobile phones, to which the economization of these resources is priceless

    Covert QR codes: How to hide in the crowd

    Get PDF
    This paper investigates a novel approach of distributing a hidden message via public channels. The proposed approach employs visual subterfuge to conceal secret information within a QR code. Using a QR code reader, any individual can decode the public information contained in the QR code. However, only authorized users who have the necessary credentials will be able to obtain the secret message, which is encoded in the form of a secret QR code. We call this a Covert QR (CQR) code scheme. To embed the secret information, this approach exploits the error correction mechanism inherent in the QR code structure. By using QR codes to conceal information, the proposed scheme has the advantage of reducing the likelihood of attracting the attention of potential adversaries. In addition, the information in QR codes can be scanned and decoded through the visual channel. As such, the secret information can be distributed on printed media and is not restricted to an electronic form
    corecore