Authentication with Privacy and Security
—the maths behind attribute-based credentials—
Greg Alpár
Open Universiteit, Radboud Universiteit
August 25 and September 1, 2018
1 / 13
Who is this guy?
- Maths and maths teaching (MSc) – ELTE
- Mathematics for Industry (MTD, PDEng) – TU/e
- Computer Science (PhD) – RU
- Assistant Professor (UD) – OU (, RU)
- Number Theory, Abstract algebra
- Coding theory, Cryptography
- Privacy
- ABC Technology Workshop
- Open Maths – Comenius Grant (Innovative University Education)
2 / 13
Attribute-based credentials
3 / 13
4 / 13
Problems with online logins
- User unfriendly
- Often insecure
- Often identifying
5 / 13
6 / 13
Problems with online logins
or they are:
- Always identifying
- Highly centralized & traceable
Attribute-based credentials to the rescue!
7 / 13
What is this ABC?
- Attribute-Based Credentials (ABCs)
- Specifically IBM's Identity mixer (Idemix), based on the Camenisch–Lysyanskaya signature
- A credential is a cryptographic container
  - Signature: authenticity, integrity, 'verifiability'
  - ... on a block of messages, called attributes
  - Randomisation (blind)
  - Selective disclosure
8 / 13
Demo time
9 / 13
Attribute-based credential – selective disclosure
[Figure: selective disclosure between a User and a Service Provider. The User holds a credential bound to a secret key sk with the age attributes "> 12", "> 16", "> 18" and "> 21". Flow: 1. Request service; 2. Policy; 3. Show credential, disclosing only the attribute "> 12" while the other attributes stay hidden.]
(blackboard...)
10 / 13
ABC issuing
[Figure: ABC issuing. The User, holding secret key sk, runs an issuance protocol with each of several independent identity providers IdP1, IdP2, ..., IdPn. Each issuance produces a credential binding that issuer's attributes (a1, ..., an from one IdP; b1, ..., bn from another) to the same sk.]
11 / 13
An ABC system
[Figure: an ABC system with three parties: Identity Provider, User and Service Provider. Between Identity Provider and User: a. Request credential; b. Issue credential (attributes a1, ..., an bound to the User's sk). Between User and Service Provider: 1. Request service; 2. Policy; 3. Show attributes (sel. disclosure). A "Trust" relation links the Identity Provider and the Service Provider.]
12 / 13
ABC summary
- Independence between issuing and showing: time and protocol
- Credential: security for the system
  - Authenticity
  - Integrity
  - Non-transferability
- Credential: privacy for the user
  - Selective disclosure
  - Issuer unlinkability (even the issuer can not identify a non-identifying attribute when it is disclosed)
  - Multi-show unlinkability (it is impossible to distinguish whether two of the same non-identifying, disclosed attributes belong to the same user)
- ...and all of this with elegant mathematics!
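Added example, not part of the slides: a toy Camenisch–Lysyanskaya signature in Python showing the relation Z = A^e · ∏ R_i^{m_i} · S^v (mod n) behind the Idemix credential named on the "What is this ABC?" slide, its issuance, and the (A, e, v) randomisation that gives the multi-show unlinkability listed in the summary. The parameters are constructed toy values, and the zero-knowledge proof that lets a user reveal only some attributes is omitted, so `verify` takes all attributes.

```python
# Toy Camenisch-Lysyanskaya (CL) signature over a block of attributes, as in Idemix.
# Public key (n, Z, S, R_1..R_l); signature (A, e, v) satisfies
#   Z == A^e * R_1^m_1 * ... * R_l^m_l * S^v   (mod n).
# Constructed toy parameters: tiny, fixed, and NOT secure; they only make the maths visible.
import random

P, Q = 23, 47                     # safe primes p = 2*11+1, q = 2*23+1
N = P * Q                         # special RSA modulus, 1081
ORDER_QR = ((P - 1) // 2) * ((Q - 1) // 2)   # order of the group of quadratic residues: 253

def qr_element(seed):
    """A quadratic residue mod N, obtained by squaring a fixed base."""
    return pow(seed, 2, N)

# Issuer public key: Z, S and one base R_i per attribute slot, all in QR_n.
S = qr_element(3)
Z = qr_element(5)
R = [qr_element(7), qr_element(11), qr_element(13)]   # three attribute slots

# Issuer secret: knowing the group order lets the issuer take e-th roots.
E = 17                            # prime and coprime to ORDER_QR
D = pow(E, -1, ORDER_QR)          # e^{-1} mod p'q'

def attr_product(attrs):
    """prod R_i^{m_i} mod N for the attribute block m_1..m_l."""
    acc = 1
    for base, m in zip(R, attrs):
        acc = acc * pow(base, m, N) % N
    return acc

def sign(attrs, rng=random):
    """Issuance: choose v, then solve Z = A^e * prod R_i^m_i * S^v for A."""
    v = rng.randrange(1, 10 * ORDER_QR)
    target = Z * pow(attr_product(attrs) * pow(S, v, N) % N, -1, N) % N
    return (pow(target, D, N), E, v)

def verify(attrs, sig):
    """Showing with all attributes disclosed (the ZK proof for hidden ones is omitted)."""
    a, e, v = sig
    return pow(a, e, N) * attr_product(attrs) % N * pow(S, v, N) % N == Z

def randomise(sig, rng=random):
    """Before each showing: (A, e, v) -> (A * S^-r, e, v + e*r).
    A'^e * S^(v+er) = A^e * S^(-er) * S^(v+er) = A^e * S^v, so it still verifies,
    but A' and v' look unrelated to the issued values (multi-show unlinkability)."""
    a, e, v = sig
    r = rng.randrange(1, 10 * ORDER_QR)
    return (a * pow(S, -r, N) % N, e, v + e * r)
```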
THANK YOU!
13 / 13