Identity Escrow Protocol and Anonymity Analysis in the Applied Pi-Calculus

Authors:
Aybek Mukhamedov;Mark D. Ryan
Affiliations:
University of Birmingham;University of Birmingham
Venue:
ACM Transactions on Information and System Security (TISSEC)
Year:
2010

Citing 9
Cited 0

Mobile values, new names, and secure communication

POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An Identity Escrow Scheme with Appointed Verifiers

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Fair Public-Key Cryptosystems

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Identity Escrow

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Failsafe Key Escrow Systems (Extended Abstract)

Failsafe Key Escrow Systems (Extended Abstract)
Hiding names: private authentication in the applied pi calculus

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Analysis of an electronic voting protocol in the applied pi calculus

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
On anonymity with identity escrow

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

Anonymity with identity escrow attempts to allow users of an online service to remain anonymous, while providing the possibility that the service owner can break the anonymity in exceptional circumstances, such as to assist in a criminal investigation. In the article, we propose an identity escrow protocol that distributes user identity among several escrow agents. The main feature of our scheme is it is based on standard encryption algorithms and it provides user anonymity even if all but one escrow holders are dishonest acting in a coalition. We also present analysis of the anonymity property of our protocol in the applied pi-calculus. We review a related scheme by Marshall and Molina-Jiminez [2003] that aimed to achieve goals similar to ours, and show that their scheme suffers from serious weaknesses.