Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Networks without user observability—design options
Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM
Consistent, yet anonymous, Web access with LPWA
Communications of the ACM
The platform for privacy preferences
Communications of the ACM
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
How to Make Personalized Web Browising Simple, Secure, and Anonymous
FC '97 Proceedings of the First International Conference on Financial Cryptography
Privacy-enhancing technologies for the Internet
COMPCON '97 Proceedings of the 42nd IEEE International Computer Conference
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Blocking Java Applets at the Firewall
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Lightweight security primitives for E-Commerce
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
Security of web browser scripting languages: vulnerabilities, attacks, and remedies
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Unlinkable serial transactions: protocols and applications
ACM Transactions on Information and System Security (TISSEC)
Privacy-preserving global customization
Proceedings of the 2nd ACM conference on Electronic commerce
Proceedings of the 13th international conference on World Wide Web
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Contextual OTP: mitigating emerging man-in-the-middle attacks with wireless hardware tokens
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Authorization architectures for privacy-respecting surveillance
EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice
| Hi-index | 0.00 |
This paper introduces a cryptographic engine, Janus, which assists clients in establishing and maintaining secure and pseudonymous relationships with multiple servers. The setting is such that clients reside on a particular subnet (e.g., corporate intranet, ISP) and the servers reside anywhere on the Internet. The Janus engine allows each client-server relationship to use either weak or strong authentication on each interaction. At the same time, each interaction preserves privacy by neither revealing a clients true identity (except for the subnet) nor the set of servers with which a particular client interacts. Furthermore, clients do not need any secure long-term memory, enabling scalability and mobility. The interaction model extends to allow servers to send data back to clients via e-mail at a later date. Hence, our results complement the functionality of current network anonymity tools and remailers. The paper also describes the design and implementation of the Lucent Personalized Web Assistant (LPWA), which is a practical system that provides secure and pseudonymous relations with multiple servers on the Internet. LPWA employs the Janus function to generate site-specific person聭, which consist of alias usernames, passwords, and e-mail addresses.