44 research outputs found
Selective disclosure credential sets
We describe a credential system similar to the electronic cash system
described by Chaum, Fiat and Naor. Our system uses bit commitments to
create selective disclosure credentials which limit what portions of a
credential the holder must reveal. We show how credentials from
separate issuers can be linked to the same person in order to prevent
users from pooling credentials to obtain services no one user could
obtain alone. We also describe how to use a blinding technique
described by Laurie which may not violate the patents on blind
signatures
Logcrypt: Forward Security and Public Verification for Secure Audit Logs ∗
Logcrypt provides strong cryptographic assurances that data stored by a logging facility before a system compromise cannot be modified after the compromise without detection. We build on prior work by showing how log creation can be separated from log verification, and describing several additional performance and convenience features not previously considered.
Trust Negotiation in Electronic Markets
As business transactions migrate into electronic marketplaces, most interactions will occur between strangers. In order for strangers to conduct secure transactions, a sufficient level of mutual trust must be established. A new approach to gradually establishing trust between strangers is through the iterative exchange of digital credentials, known as trust negotiation. This paper briefly describes TrustBuilder, an architecture for automated trust negotiation that we are designing and developing. It also introduces client-initiated trust establishment, a new context for trust negotiation that has not been explored previously. When a client sends a request to a server, the request can sometimes contain sensitive content that the client must safeguard. The client must establish trust in the server before the request is sent. This paper presents the design of an architecture for client-initiated trust establishment and describes how the architecture can be used to address privacy concerns, a significant impediment to conducting on-line business transactions