19 research outputs found

    reclaimID: Secure, Self-Sovereign Identities using Name Systems and Attribute-Based Encryption

    In this paper we present reclaimID: An architecture that allows users to reclaim their digital identities by securely sharing identity attributes without the need for a centralised service provider. We propose a design where user attributes are stored in and shared over a name system under user-owned namespaces. Attributes are encrypted using attribute-based encryption (ABE), allowing the user to selectively authorize and revoke access of requesting parties to subsets of his attributes. We present an implementation based on the decentralised GNU Name System (GNS) in combination with ciphertext-policy ABE using type-1 pairings. To show the practicality of our implementation, we carried out experimental evaluations of selected implementation aspects including attribute resolution performance. Finally, we show that our design can be used as a standard OpenID Connect Identity Provider allowing our implementation to be integrated into standard-compliant services. Comment: 12 page

    ZKlaims: Privacy-preserving Attribute-based Credentials using Non-interactive Zero-knowledge Techniques

    In this paper we present ZKlaims: a system that allows users to present attribute-based credentials in a privacy-preserving way. We achieve a zero-knowledge property on the basis of Succinct Non-interactive Arguments of Knowledge (SNARKs). ZKlaims allow users to prove statements on credentials issued by trusted third parties. The credential contents are never revealed to the verifier as part of the proving process. Further, ZKlaims can be presented non-interactively, mitigating the need for interactive proofs between the user and the verifier. This allows ZKlaims to be exchanged via fully decentralized services and storages such as traditional peer-to-peer networks based on distributed hash tables (DHTs) or even blockchains. To show this, we include a performance evaluation of ZKlaims and show how it can be integrated in decentralized identity provider services. Comment: 8 pages, published at SECRYPT 201

    Decentralized Identities for Self-sovereign End-users (DISSENS)

    This paper describes a comprehensive architecture and reference implementation for privacy-preserving identity management that bucks the trend towards centralization present in contemporary proposals. DISSENS integrates a technology stack which combines privacy-friendly online payments with self-sovereign personal data management using a decentralized directory service. This enables users to be in complete control of their digital identity and personal information while at the same time being able to selectively share information necessary to easily use commercial services. Our pilot demonstrates the viability of a sustainable, user-centric, standards-compliant and accessible use case for public service employees and students in the domain of retail e-commerce. We leverage innovative technologies including self-sovereign identity, privacy credentials, and privacy-friendly digital payments in combination with established standards to provide easy-to-adapt templates for the integration of various scenarios and use cases

    Who comes after us? The correct mindset for designing a Central Bank Digital Currency

    In December 2021 the European Central Bank (ECB) published a report on "Central Bank Digital Currency: functional scope, pricing and controls" in its Occasional Paper Series [BPT21], detailing various challenges for the Digital Euro. While the authors peripherally acknowledge the existence of token-based payment systems, the notion that a Digital Euro will somehow require citizens to have some kind of central bank account is pervasive in the paper. We argue that an account-based design cannot meet the ECB’s stated design goals and that the ECB needs to fundamentally change its mindset when thinking about its role in the context of the Digital Euro if it wants the project to succeed. Along the same lines, the French National Council for Digitalization published a report on "Notes and Tokens, The New Competition of Currencies" [DGTV21]. Here, the authors make related incorrect claims about inevitable properties of Central Bank Digital Currencies (CBDCs), going as far as stating that a CBDC is not possible without an eID system. Our paper sets the record straight

    Human papillomavirus vaccination of girls in the German model region Saarland: Insurance data-based analysis and identification of starting points for improving vaccination rates

    In Germany, the incidence of cervical cancer, a disease caused by human papillomaviruses (HPV), is higher than in neighboring European countries. HPV vaccination has been recommended for girls since 2007. However, it continues to be significantly less well received than other childhood vaccines, so its potential for cancer prevention is not fully realized. To find new starting points for improving vaccination rates, we analyzed pseudonymized routine billing data from statutory health insurers in the PRÄZIS study (prevention of cervical carcinoma and its precursors in women in Saarland) in the federal state Saarland serving as a model region. We show that lowering the HPV vaccination age to 9 years led to more completed HPV vaccinations already in 2015. Since then, HPV vaccination rates and the proportion of 9- to 11-year-old girls among HPV-vaccinated females have steadily increased. However, HPV vaccination rates among 15-year-old girls in Saarland remained well below 50% in 2019. Pediatricians vaccinated the most girls overall, with a particularly high proportion at the recommended vaccination age of 9–14 years, while gynecologists provided more HPV catch-up vaccinations among 15-17-year-old girls, and general practitioners compensated for HPV vaccination in Saarland communities with fewer pediatricians or gynecologists. We also provide evidence for a significant association between attendance at the children's medical check-ups “U11” or “J1” and HPV vaccination. In particular, participation in HPV vaccination is high on the day of U11. However, obstacles are that U11 is currently not financed by all statutory health insurers and there is a lack of invitation procedures for both U11 and J1, resulting in significantly lower participation rates than for the earlier U8 or U9 screenings, which are conducted exclusively with invitations and reminders. Based on our data, we propose to restructure U11 and J1 screening in Germany, with mandatory funding for U11 and organized invitations for HPV vaccination at U11 or J1 for both boys and girls

    The GNU Name System

    This document provides the GNU Name System (GNS) technical specification. GNS is a decentralized and censorship-resistant domain name resolution protocol that provides a privacy-enhancing alternative to the Domain Name System (DNS) protocols. This document defines the normative wire format of resource records, resolution processes, cryptographic routines, and security and privacy considerations for use by implementers. This specification was developed outside the IETF and does not have IETF consensus. It is published here to inform readers about the function of GNS, guide future GNS implementations, and ensure interoperability among implementations (for example, pre-existing GNUnet implementations)

    Zero-Knowledge Age Restriction for GNU Taler

    We propose a design for a privacy-friendly method of age restriction in e-commerce that is aligned with the principle of subsidiarity. The design is presented as an extension of a privacy-friendly payment protocol with a zero-knowledge scheme that cryptographically augments coins for this purpose. Our scheme enables buyers to prove to be of sufficient age for a particular transaction without disclosing it. Our modification preserves the privacy and security properties of the payment system such as the anonymity of minors as buyers as well as unlinkability of transactions. We show how our scheme can be instantiated with ECDSA as well as with a variant of EdDSA, respectively, and how it can be integrated with the GNU Taler payment system. We provide formal proofs and implementation of our proposal. Key performance measurements for various CPU architectures and implementations are presented

    Interaction of Substrates with γ-Secretase at the Level of Individual Transmembrane Helices—A Methodological Approach

    Intramembrane proteases, such as γ secretase, typically recruit multiple substrates from an excess of single-span membrane proteins. It is currently unclear to which extent substrate recognition depends on specific interactions of their transmembrane domains (TMDs) with TMDs of a protease. Here, we investigated a large number of potential pairwise interactions between TMDs of γ secretase and a diverse set of its substrates using two different configurations of BLaTM, a genetic reporter system. Our results reveal significant interactions between TMD2 of presenilin, the enzymatic subunit of γ secretase, and the TMD of the amyloid precursor protein, as well as of several other substrates. Presenilin TMD2 is a prime candidate for substrate recruitment, as has been shown from previous studies. In addition, the amyloid precursor protein TMD enters interactions with presenilin TMD 4 as well as with the TMD of nicastrin. Interestingly, the Gly-rich interfaces between the amyloid precursor protein TMD and presenilin TMDs 2 and 4 are highly similar to its homodimerization interface. In terms of methodology, the economics of the newly developed library-based method could prove to be a useful feature in related future work for identifying heterotypic TMD−TMD interactions within other biological contexts

    The effects of the National School Lunch Program on education and health

    This paper estimates the effects of participating in the National School Lunch Program in the middle of the 20th century on adult health outcomes and educational attainment. I utilize an instrumental variables strategy that exploits a change in the formula used by the federal government to allocate funding to the states. Identification is achieved by the fact that different birth cohorts were exposed to different degrees to the original formula and the new formula, along with the fact that the change of the formula affected states differentially by per capita income. Participation in the program as a child appears to have few long-run effects on health, but the effects on educational attainment are sizable. These results may suggest that subsidized lunches induced children to attend school but displaced food consumption from other sources. Alternatively, the program may have had short-run health effects that dissipated over time but that facilitated higher educational attainment. © 2010 by the Association for Public Policy Analysis and Management.