Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
A secure and privacy-protecting protocol for transmitting personal information between organizations
Proceedings on Advances in cryptology---CRYPTO '86
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
An identifiability-based access control model for privacy protection in open systems
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Hi-index | 0.00 |
Anonymous credentials allow to selectively disclose personal properties included in the credential, while hiding the other information. For instance, a user could only disclose that he is an adult using a credential in which zip code and date of birth are included, which remain hidden for the verifier. This is a considerable improvement w.r.t. the user's anonymity. However, by disclosing too much personal properties, the user can drastically decrease his anonymity and can even become identifiable. Credentials can be shown multiple times under the same pseudonym, making usages of the same credential linkable which introduces new anonymity threats. These threats are discussed in this paper and a method is proposed whereby a user agent retrieves data in order to inform the user about his minimum level of anonymity w.r.t. a particular service provider.