Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Twin signatures: an alternative to the hash-and-sign paradigm
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
The Global Internet Trust Register
The Global Internet Trust Register
Anonymous traceable disclosure scheme using pairing over elliptic curve
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Privacy and identity management for everyone
Proceedings of the 2005 workshop on Digital identity management
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Hi-index | 0.00 |
We introduce the notion of StemCerts, a digital certificate scheme that allows the user to modify some fields of a digital certificate while keeping it valid. The owner can modify a StemCert in a limited and controlled fashion without interacting with the Certification Authority which issued it. By modifying her identity, the user can achieve "pseudonymous anonymity" - but the CA can still associate a certificate to its owner - and/or handle temporary or permanent address changes. Modifying the expiry date allows the user to transform her certificate into a set of "one time" certificates, thus alleviating the need for revocation lists. We developed two proof-of-concept implementations for this new scheme. The first one was based on Chameleon Hash functions, while the second one was based on the use of two chained, standard X.509 v3 certificates. We also present experimental data collected from the prototype implementations that show how the second prototype can easily be adopted in real environments, possibly exploiting smartcard technology.