Ninja: non identity based, privacy preserving authentication for ubiquitous environments

Authors:
Adrian Leung;Chris J. Mitchell
Affiliations:
Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK;Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK
Venue:
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
Year:
2007

Citing 16
Cited 15

The knowledge complexity of interactive proof systems

SIAM Journal on Computing
Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

Journal of the ACM (JACM)
Privacy Protection for Transactions of Digital Goods

ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
What do we mean by entity authentication?

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
PrudentExposure: A Private and User-centric Service Discovery Protocol

PERCOM '04 Proceedings of the Second IEEE International Conference on Pervasive Computing and Communications (PerCom'04)
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Supporting service discovery, querying and interaction in ubiquitous computing environments

Wireless Networks - Special issue: Pervasive computing and communications
Private authentication

Theoretical Computer Science - Special issue: Foundations of wide area network computing
Expose or Not? A Progressive Exposure Approach for Service Discovery in Pervasive Computing Environments

PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications
Privacy in e-commerce: stated preferences vs. actual behavior

Communications of the ACM - Transforming China
Service Discovery in Pervasive Computing Environments

IEEE Pervasive Computing
Toward Distributed Service Discovery in Pervasive Computing Environments

IEEE Transactions on Mobile Computing
A Private, Secure, and User-Centric Information Exposure Model for Service Discovery Protocols

IEEE Transactions on Mobile Computing
Towards security and privacy for pervasive computing

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A signature scheme with efficient protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Anonymous authentication

SP'04 Proceedings of the 12th international conference on Security Protocols

Challenges and architectural approaches for authenticating mobile users

Proceedings of the 1st international workshop on Software architectures and mobility
A New Direct Anonymous Attestation Scheme from Bilinear Maps

Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA)

Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
A mobile device management framework for secure service delivery

Information Security Tech. Report
On Proofs of Security for DAA Schemes

ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Security-preserving asymmetric protocol encapsulation

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Anonymous authentication with TLS and DAA

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A pairing-based DAA scheme further reducing TPM resources

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
An anonymous attestation scheme with optional traceability

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A flexible privacy and trust based context-aware secure framework

ICOST'10 Proceedings of the Aging friendly technology for health and independence, and 8th international conference on Smart homes and health telematics
Managing security and privacy in ubiquitous eHealth information interchange

Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
Key exchange with anonymous authentication using DAA-SIGMA protocol

INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Mutual remote attestation: enabling system cloning for TPM based platforms

STM'11 Proceedings of the 7th international conference on Security and Trust Management
A (corrected) DAA scheme using batch proof and verification

INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Flexible and scalable digital signatures in TPM 2.0

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Most of today's authentication schemes involve verifying the identity of a principal in some way. This process is commonly known as entity authentication. In emerging ubiquitous computing paradigms which are highly dynamic and mobile in nature, entity authentication may not be sufficient or even appropriate, especially if a principal's privacy is to be protected. In order to preserve privacy, other attributes (e.g. location or trustworthiness) of the principal may need to be authenticated to a verifier. In this paper we propose Ninja: a non-identity-based authentication scheme for a mobile ubiquitous environment, in which the trustworthiness of a user's device is authenticated anonymously to a remote Service Provider (verifier), during the service discovery process. We show how this can be achieved using Trusted Computing functionality.