Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Analyzing an Electronic Cash Protocol Using Applied Pi Calculus
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Automatic verification of correspondences for security protocols
Journal of Computer Security
New attacks on PKCS#1 v1.5 encryption
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Computer-assisted verification of a protocol for certified email
SAS'03 Proceedings of the 10th international conference on Static analysis
Analysis of an electronic voting protocol in the applied pi calculus
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
A formal model of identity mixer
FMICS'10 Proceedings of the 15th international conference on Formal methods for industrial critical systems
Hi-index | 0.00 |
Anonymous credentials are widely used to certify properties of a credential owner or to support the owner to demand valuable services, while hiding the user's identity at the same time. A credential system (a.k.a. pseudonym system) usually consists of multiple interactive procedures between users and organizations, including generating pseudonyms, issuing credentials and verifying credentials, which are required to meet various security properties. We propose a general symbolic model (based on the applied pi calculus) for anonymous credential systems and give formal definitions of a few important security properties, including pseudonym and credential unforgeability, credential safety, pseudonym untraceability. We specialize the general formalization and apply it to the verification of a concrete anonymous credential system proposed by Camenisch and Lysyanskaya. The analysis is done automatically with the tool ProVerif and several security properties have been verified.