Security enhanced accountable anonymous PKI certificates for mobile e-commerce

Authors:
D. Critchlow;N. Zhang
Affiliations:
Department of Computer Science, University of Manchester, Oxford Road, Manchester, M13 9PL, UK;Department of Computer Science, University of Manchester, Oxford Road, Manchester, M13 9PL, UK
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2004

Citing 11
Cited 5

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
Cryptography and network security (2nd ed.): principles and practice

Cryptography and network security (2nd ed.): principles and practice
Crowds: anonymity for Web transactions

ACM Transactions on Information and System Security (TISSEC)
Unlinkable serial transactions: protocols and applications

ACM Transactions on Information and System Security (TISSEC)
Information security: protecting the global enterprise

Information security: protecting the global enterprise
A protocol for anonymous communication over the Internet

Proceedings of the 7th ACM conference on Computer and communications security
Untraceable electronic mail, return addresses, and digital pseudonyms

Communications of the ACM
Cryptography and E-Commerce

Cryptography and E-Commerce
Accountable Anonymous Access to Services in Mobile Communication Systems

SRDS '99 Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems
Achieving user privacy in mobile networks

ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Anonymous connections and onion routing

IEEE Journal on Selected Areas in Communications

Specification of a framework for the anonymous use of privileges

Telematics and Informatics - Special issue: Developing a culture of privacy in the global village
Design and implementation of wireless PKI technology suitable for mobile phone in mobile-commerce

Computer Communications
Anonymous reputation based reservations in e-commerce (amnesic)

Proceedings of the 13th International Conference on Electronic Commerce
A privacy-preserving buyer-seller watermarking protocol with semi-trust third party

TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
An ECC based public key infrastructure usable for mobile applications

Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents enhancements to an anonymous public-key certificate scheme originally intended for anonymous and fair document exchange. The appropriate use of these certificates may enable a party with access to a mobile phone and/or laptop computer to conduct multiple mobile e-commerce transactions anonymously yet accountably and thereby reduce the risk of developing a pseudonymous on-line profile. We propose modifications to the existing scheme to solve a recognised security flow. The proof of rightful ownership of the anonymous/real public-key certificate presented to obtain a (further) anonymous public-key certificate is presently achieved with a single piece of evidence, i.e. the private key associated with the presented certificate. Should an adversary compromise this key, then the adversary may obtain anonymous certificates in the rightful owner's name. Our proposal minimises the risk of an adversary obtaining anonymous certificates with a compromised private key.