Sciweavers

IACR
2016

Practical backward unlinkable revocation in FIDO, German e-ID, Idemix and U-Prove

8 years 8 months ago
Practical backward unlinkable revocation in FIDO, German e-ID, Idemix and U-Prove
Abstract FIDO, German e-ID, Idemix and U-Prove constitute privacyenhanced public-key infrastructures allowing users to authenticate in an anonymous way. This however hampers timely revocation in a privacy friendly way. From a legal perspective, revocation typically should be effective within 24 hours after user reporting. It should also be backward unlinkable, i.e. user anonymity cannot be removed after revocation. We describe a new, generic revocation mechanism based on pairing based encryption and apply it to supplement the systems mentioned. This allows for both flexible and privacy friendly revocation. Protocol execution takes less than a quarter of a second on modern smartcards. An additional property is that usage after revocation is linkable, allowing users to identify fraudulent usage after revocation. Our technique is the first Verifier Local Revocation scheme with backwards unlinkable revocation for the systems mentioned. This also allows for a setup resembling the well-k...
Eric R. Verheul
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Eric R. Verheul
Comments (0)