Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Hi-index | 0.00 |
Traditional certificates are designed to establish and document characteristics belonging to a specific individual, be it an identification number, a level of achievement, or membership status. The digital certificate extends this concept into the electronic world, identifying and linking the certificate holder to a public encryption key that is subsequently used as a means of identification. Current identity certificates provide unique identification and tracking, however it is exactly these characteristics that have led to concerns over identity theft and privacy of personal information. In this paper, we introduce a new type of certificate, called veiled certificate, which addresses these issues by providing means of linking certificates from multiple certifying authorities while masking the user's identity from non-authorized individuals and satisfying the regulatory need of unique, explicit identification. With the ability to be implemented within existing X.509 standards, veiled certification extends traditional digital certificates with features useful in combating identity theft and invasion of privacy.