Pseudonymous Signature on eIDAS Token – Implementation Based Privacy Threats

Kutyłowski, Mirosław; Hanzlik, Lucjan; Kluczniak, Kamil

doi:10.1007/978-3-319-40367-0_31

Cited by 9 publications

(6 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, regarding security, our proposal permits the privacy preservation of the citizens' academic attributes thanks to the encrypted connections and the control they could exercise over them. However, other generic security aspects about the integration of the attribute providers into the eIDAS infrastructure should be analyzed in the future [49,50].…”

Section: Discussionmentioning

confidence: 99%

Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes

et al. 2020

View full text Add to dashboard Cite

The European electronic IDentification, Authentication and trust Services (eIDAS) regulation makes available a solution to ensure the cross-border mutual recognition of electronic IDentification (eID) mechanisms among Member States. However, the basic set of attributes currently provided by each country only contains citizens’ personal and legal attributes, preventing e-services to take full advantage of citizens’ domain-specific information, such as academic or medical data. In this article, we propose an extension of the eIDAS specification to support academic attributes as part of citizens’ profiles. In addition, we present an architecture to enable the connection of eIDAS nodes to national attribute providers to enrich citizens’ profiles with additional academic attributes. We have deployed the eIDAS extension in the specific case of the Spanish eIDAS infrastructure, and we have connected it to an attribute provider of the Technical University of Madrid (UPM). We have also improved a set of institutional services of that university by enabling the connection to eIDAS and enhancing the features offered to students based on their academic profiles retrieved from the eIDAS extended infrastructure. Finally, we have evaluated the resulting services thanks to real students from two different countries, concluding that the widespread adoption of the proposed solution in the academic services of European universities will greatly improve their quality and usability.

show abstract

Section: Discussionmentioning

confidence: 99%

Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Pseudo-anonymous signatures[BHK + 18] for identity documents provide an interesting technical solution to the problem of anonymous authentication using identity documents. However, the proposed schemes present a number of shortcomings that discourage their use in the present setting: some schemes are closely tied to particular countries (i.e., the German Identity Card [BDFK12,fIS16,KHK18]), thus non-general purpose enough to include any country in the world, or flexible to adapt to future changes; they require interaction with an issuer during card initialization; they feature protocols for deanonymisation and revocation, not desired in the setting considered in this paper; the initial German scheme [fIS16] could easily be subverted [KHK16] because the formalization of pseudo-anonymous signatures is still incipient [KHK], and improvements are being worked out [BCLP14,Klu16,KHK18].…”

Section: Related Literaturementioning

confidence: 99%

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies

Sánchez¹

2019

SSRN Journal

View full text Add to dashboard Cite

“…where one of the keys is chosen at random and x is fixed for a group of users. The trick is to introduce another linear equality based on a pseudorandom coefficient personalized for each user [20] as given below:…”

Section: Pseudonymous Signaturesmentioning

confidence: 99%

“…Indeed, while s i can be used in any domain, the second parameter U dom,i is domain specific. While the Domain Authority can derive a candidate for U dom,i based on equality (2), it is infeasible to check that it has the form dPK u i even if these values are available for i in different domains, say dPK u i 1 , dPK u i 2 , … Another attack presented in [20] entails creation of a shadow eID-an extra eID document that can be used to recover pseudonym of a given user i in any domain without the user's private key and without the possibility to prove that such an attack is taking place. For this purpose, an eID with shadow keys x i,1 , x i,2 is prepared.…”

Section: Pseudonymous Signaturesmentioning

confidence: 99%

See 1 more Smart Citation

Pseudonymous Signature Schemes

Błaśkiewicz

Hanzlik

Kluczniak

et al. 2018

Advances in Cyber Security: Principles, Techniques, and Applications

Self Cite

View full text Add to dashboard Cite

The chapter concerns cryptographic schemes enabling to sign digital data in a pseudonymized way. The schemes aim to provide a strong cryptographic evidence of integrity of the signed data and origin of the signature, but at the same time have to hide the identity of the signatory. There are two crucial properties that are specific for pseudonymous signatures: ability to recover the real identity of the signatory in certain circumstances and resilience to Sybil attacks. Despite using a single private key, the signatory can create a (single) unlinkable pseudonym for each domain or sector of activity and generate signatures corresponding to this pseudonym.

show abstract

Pseudonymous Signature on eIDAS Token – Implementation Based Privacy Threats

Cited by 9 publications

References 4 publications

Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes

Enhancing University Services by Extending the eIDAS European Specification with Academic Attributes

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies

Pseudonymous Signature Schemes

Contact Info

Product

Resources

About