Skip header Section
Skip Bibliometrics Section
Rethinking Public Key Infrastructures and Digital Certificates: Building in PrivacySeptember 2000
- Author:
- Stefan A. Brands
Skip Abstract Section
Abstract
From the Publisher:
As paper-based communication and transaction mechanisms are replaced by automated ones, traditional forms of security such as photographs and handwritten signatures are becoming outdated. Most security experts believe that digital certificates offer the best technology for safeguarding electronic communications. They are already widely used for authenticating and encrypting email and software, and eventually will be built into any device or piece of software that must be able to communicate securely. There is a serious problem, however, with this unavoidable trend: unless drastic measures are taken, everyone will be forced to communicate via what will be the most pervasive electronic surveillance tool ever built. There will also be abundant opportunity for misuse of digital certificates by hackers, unscrupulous employees, government agencies, financial institutions, insurance companies, and so on.
In this book Stefan Brands proposes cryptographic building blocks for the design of digital certificates that preserve privacy without sacrificing security. Such certificates function in much the same way as cinema tickets or subway tokens: anyone can establish their validity and the data they specify, but no more than that. Furthermore, different actions by the same person cannot be linked. Certificate holders have control over what information is disclosed, and to whom. Subsets of the proposed cryptographic building blocks can be used in combination, allowing a cookbook approach to the design of public key infrastructures. Potential applications include electronic cash, electronic postage, digital rights management, pseudonyms for online chat rooms, health care information storage, electronic voting, and even electronic gambling.
Cited By
Mir O, Bauer B, Griffy S, Lysyanskaya A and Slamanig D Aggregate Signatures with Versatile Randomization and Issuer-Hiding Multi-Authority Anonymous Credentials Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, (30-44)- Debes H and Giannetsos T RETRACT: Expressive Designated Verifier Anonymous Credentials Proceedings of the 18th International Conference on Availability, Reliability and Security, (1-12)
- Blazy O, Chevalier C, Renaut G, Ricosset T, Sageloli E and Senet H Efficient Implementation of a Post-Quantum Anonymous Credential Protocol Proceedings of the 18th International Conference on Availability, Reliability and Security, (1-11)
- Hoepman J (2023). Two faces of blindness, Designs, Codes and Cryptography, 91:8, (2705-2721), Online publication date: 1-Aug-2023.
- Masmoudi S, Laurent M and Kaaniche N (2022). PIMA, Journal of Network and Computer Applications, 208:C, Online publication date: 1-Dec-2022.
- Couteau G, Goudarzi D, Klooß M and Reichle M Sharp Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, (609-622)
- Garrido G, Sedlmeir J, Uludağ Ö, Alaoui I, Luckow A and Matthes F (2022). Revealing the landscape of privacy-enhancing technologies in the context of data markets for the IoT, Journal of Network and Computer Applications, 207:C, Online publication date: 1-Nov-2022.
- Halpin H A Critique of EU Digital COVID-19 Certificates: Do Vaccine Passports Endanger Privacy? Proceedings of the 17th International Conference on Availability, Reliability and Security, (1-8)
- Dzurenda P, Casanova-Marqués R, Malina L and Hajny J Real-world Deployment of Privacy-Enhancing Authentication System using Attribute-based Credentials Proceedings of the 17th International Conference on Availability, Reliability and Security, (1-9)
- AlMarshoud M, Al-Bayatti A and Kiraz M (2022). Location privacy in VANETs, Vehicular Communications, 36:C, Online publication date: 1-Aug-2022.
- Dzurenda P, Tafalla C, Ricci S and Malina L Privacy-Preserving Online Parking Based on Smart Contracts Proceedings of the 16th International Conference on Availability, Reliability and Security, (1-10)
- Dursun T and Üstündağ B (2021). A novel framework for policy based on-chain governance of blockchain networks, Information Processing and Management: an International Journal, 58:4, Online publication date: 1-Jul-2021.
- EdalatNejad K, Lueks W, Martin J, Ledésert S, L'Hôte A, Thomas B, Girod L and Troncoso C DATASHARENETWORK Proceedings of the 29th USENIX Conference on Security Symposium, (1911-1927)
- Errapotu S, Li H, Yu R, Ren S, Pei Q, Pan M and Han Z (2020). Clock Auction Inspired Privacy Preserving Emergency Demand Response in Colocation Data Centers, IEEE Transactions on Dependable and Secure Computing, 17:4, (691-702), Online publication date: 1-Jul-2020.
- Kim S and Wu D (2019). Multi-theorem Preprocessing NIZKs from Lattices, Journal of Cryptology, 33:3, (619-702), Online publication date: 1-Jul-2020.
- Gritti C, Önen M and Molva R Privacy-preserving delegable authentication in the internet of things Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, (861-869)
- Fuchsbauer G, Hanser C and Slamanig D (2019). Structure-Preserving Signatures on Equivalence Classes and Constant-Size Anonymous Credentials, Journal of Cryptology, 32:2, (498-546), Online publication date: 1-Apr-2019.
- Ibrahim M, Kumari S, Das A and Odelu V (2018). Attribute-based authentication on the cloud for thin clients, The Journal of Supercomputing, 74:11, (5813-5845), Online publication date: 1-Nov-2018.
- Wu C, Fan C, Huang J, Tseng Y and Kikuchi H (2018). Probably Secure Efficient Anonymous Credential Scheme, International Journal of Software Innovation, 6:3, (18-35), Online publication date: 1-Jul-2018.
- De Fuentes J, González-Manzano L, Serna-Olvera J and Veseli F (2017). Assessment of attribute-based credentials for privacy-preserving road traffic services in smart cities, Personal and Ubiquitous Computing, 21:5, (869-891), Online publication date: 1-Oct-2017.
- Gerdes J, Huang C and Sharaf M (2017). Incorporating biometrics into veiled certificates, Electronic Commerce Research, 17:2, (289-316), Online publication date: 1-Jun-2017.
- Schröder D and Unruh D (2017). Security of Blind Signatures Revisited, Journal of Cryptology, 30:2, (470-494), Online publication date: 1-Apr-2017.
- Camenisch J, Drijvers M and Hajny J Scalable Revocation Scheme for Anonymous Credentials Based on n-times Unlinkable Proofs Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, (123-133)
- Kolesnikov V, Krawczyk H, Lindell Y, Malozemoff A and Rabin T Attribute-based Key Exchange with General Policies Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (1451-1463)
- Kiraz M and Uzunkol O (2016). Efficient and verifiable algorithms for secure outsourcing of cryptographic computations, International Journal of Information Security, 15:5, (519-537), Online publication date: 1-Oct-2016.
- Yang Y, Cai H, Wei Z, Lu H and Choo K Towards Lightweight Anonymous Entity Authentication for IoT Applications Proceedings, Part I, of the 21st Australasian Conference on Information Security and Privacy - Volume 9722, (265-280)
- Backes M, Meiser S and Schröder D Delegatable Functional Signatures Proceedings, Part I, of the 19th IACR International Conference on Public-Key Cryptography --- PKC 2016 - Volume 9614, (357-386)
- Förster D, Kargl F and Löhr H (2016). PUCA, Ad Hoc Networks, 37:P1, (122-132), Online publication date: 1-Feb-2016.
- Derler D, Hanser C and Slamanig D A New Approach to Efficient Revocable Attribute-Based Anonymous Credentials Proceedings of the 15th IMA International Conference on Cryptography and Coding - Volume 9496, (57-74)
- Scheir M, Balasch J, Rial A, Preneel B and Verbauwhede I (2015). Anonymous Split E-Cash—Toward Mobile Anonymous Payments, ACM Transactions on Embedded Computing Systems, 14:4, (1-25), Online publication date: 8-Dec-2015.
- Piedra A Efficient Implementation of AND, OR and NOT Operators for ABCs Revised Selected Papers of the 7th International Conference on Trusted Systems - Volume 9565, (183-199)
- Cassola A, Blass E and Noubir G Authenticating Privately over Public Wi-Fi Hotspots Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, (1346-1357)
- Locher P and Haenni R Verifiable Internet Elections with Everlasting Privacy and Minimal Trust Proceedings of the 5th International Conference on E-Voting and Identity - Volume 9269, (74-91)
- Pulls T and Slamanig D (2015). On the Feasibility of (Practical) Commercial Anonymous Cloud Storage, Transactions on Data Privacy, 8:2, (89-111), Online publication date: 1-Aug-2015.
- Zwattendorfer B and Slamanig D (2015). Design strategies for a privacy-friendly Austrian eID system in the public cloud, Computers and Security, 52:C, (178-193), Online publication date: 1-Jul-2015.
- Hanzlik L, Kubiak P and Kutyłowski M Tracing Attacks on U-Prove with Revocation Mechanism Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, (603-608)
- Dongoh Park (2015). Social Life of PKI: Sociotechnical Development of Korean Public-Key Infrastructure, IEEE Annals of the History of Computing, 37:2, (59-71), Online publication date: 1-Apr-2015.
- Lin X, Sun L and Qu H (2015). Insecurity of an anonymous authentication for privacy-preserving IoT target-driven applications, Computers and Security, 48:C, (142-149), Online publication date: 1-Feb-2015.
- Hölzl M, Asnake E, Mayrhofer R and Roland M Mobile Application to Java Card Applet Communication using a Password-authenticated Secure Channel Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia, (147-156)
- Enaw E and Check N Public Key Infrastructure Deployment in Cameroon's Public Administration Proceedings of the 2014 Conference on Electronic Governance and Open Society: Challenges in Eurasia, (26-29)
- Hajny J, Dzurenda P and Malina L Privacy-PAC Proceedings of the 13th Workshop on Privacy in the Electronic Society, (93-96)
- Chase M, Meiklejohn S and Zaverucha G Algebraic MACs and Keyed-Verification Anonymous Credentials Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, (1205-1216)
- Piedra A, Hoepman J and Vullers P Towards a Full-Featured Implementation of Attribute Based Credentials on Smart Cards Proceedings of the 13th International Conference on Cryptology and Network Security - Volume 8813, (270-289)
- Derler D, Hanser C and Slamanig D Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566, (49-65)
- Ayed D, Bichsel P, Camenisch J and Hartog J Integration of Data-Minimising Authentication into Authorisation Systems Proceedings of the 7th International Conference on Trust and Trustworthy Computing - Volume 8564, (179-187)
- Slamanig D, Stranacher K and Zwattendorfer B User-centric identity as a service-architecture for eIDs with selective attribute disclosure Proceedings of the 19th ACM symposium on Access control models and technologies, (153-164)
- Benenson Z, Girard A, Krontiris I, Liagkou V, Rannenberg K and Stamatiou Y User Acceptance of Privacy-ABCs Proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust - Volume 8533, (375-386)
- Yuen T, Susilo W and Mu Y (2014). Towards a cryptographic treatment of publish/subscribe systems, Journal of Computer Security, 22:1, (33-67), Online publication date: 1-Jan-2014.
- Alpár G and Hoepman J A secure channel for attribute-based credentials Proceedings of the 2013 ACM workshop on Digital identity management, (13-18)
- Chen L and Li J Flexible and scalable digital signatures in TPM 2.0 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, (37-48)
- Baldimtsi F and Lysyanskaya A Anonymous credentials light Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, (1087-1098)
- González-Tablas A, Alcaide A, De Fuentes J and Montero J (2013). Privacy-preserving and accountable on-the-road prosecution of invalid vehicular mandatory authorizations, Ad Hoc Networks, 11:8, (2693-2709), Online publication date: 1-Nov-2013.
- Buccafurri F, Fotia L and Lax G Allowing Non-identifying Information Disclosure in Citizen Opinion Evaluation Proceedings of the Second Joint International Conference on Technology-Enabled Innovation for Democracy, Government and Governance - Volume 8061, (241-254)
- Bjones R, Krontiris I, Paillier P and Rannenberg K Integrating Anonymous Credentials with eIDs for Privacy-Respecting Online Authentication Revised Selected Papers of the First Annual Privacy Forum on Privacy Technologies and Policy - Volume 8319, (111-124)
- Bender J, Dagdelen Ö, Fischlin M and Kügler D Domain-Specific pseudonymous signatures for the german identity card Proceedings of the 15th international conference on Information Security, (104-119)
- Camenisch J, Neven G and Rückert M Fully anonymous attribute tokens from lattices Proceedings of the 8th international conference on Security and Cryptography for Networks, (57-75)
- Bichsel P, Camenisch J, De Decker B, Lapon J, Naessens V and Sommer D Data-minimizing authentication goes mobile Proceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security, (55-71)
- Alpár G, Batina L and Lueks W Designated attribute-based proofs for RFID applications Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues, (59-75)
- Bichsel P, Camenisch J and Sommer D A calculus for privacy-friendly authentication Proceedings of the 17th ACM symposium on Access Control Models and Technologies, (157-166)
- Vimercati S, Foresti S, Jajodia S, Paraboschi S, Psaila G and Samarati P (2012). Integrating trust management and access control in data-intensive Web applications, ACM Transactions on the Web, 6:2, (1-43), Online publication date: 1-May-2012.
- Broy M, Cengarle M and Geisberger E Cyber-physical systems Proceedings of the 17th Monterey conference on Large-Scale Complex IT Systems: development, operation and management, (1-28)
- Deswarte Y and Gambs S The challenges raised by the privacy-preserving identity card Cryptography and Security, (383-404)
- Derler D, Potzmader K, Winter J and Dietrich K Anonymous ticketing for NFC-Enabled mobile phones Proceedings of the Third international conference on Trusted Systems, (66-83)
- Bichsel P, Camenisch J and Preiss F A comprehensive framework enabling data-minimizing authentication Proceedings of the 7th ACM workshop on Digital identity management, (13-22)
- Bichsel P and Preiss F Demo Proceedings of the 18th ACM conference on Computer and communications security, (733-736)
- Henry R, Olumofin F and Goldberg I Practical PIR for electronic commerce Proceedings of the 18th ACM conference on Computer and communications security, (677-690)
- Al-Sinani H and Mitchell C A universal client-based identity management tool Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications, (49-74)
- Garg S, Rao V, Sahai A, Schröder D and Unruh D Round optimal blind signatures Proceedings of the 31st annual conference on Advances in cryptology, (630-648)
- Hu H and Ahn G Multiparty authorization framework for data sharing in online social networks Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy, (29-43)
- De Cristofaro E, Manulis M and Poettering B Private discovery of common social contacts Proceedings of the 9th international conference on Applied cryptography and network security, (147-165)
- Albergante L (2011). Automatic management of forums via artificial immune systems, International Journal of Autonomous and Adaptive Communications Systems, 4:2, (145-163), Online publication date: 1-Apr-2011.
- Deswarte Y and Gambs S (2010). A Proposal for a Privacy-preserving National Identity Card, Transactions on Data Privacy, 3:3, (253-276), Online publication date: 1-Dec-2010.
- Ardagna C, De Capitani di Vimercati S, Foresti S, Paraboschi S and Samarati P Supporting privacy preferences in credential-based interactions Proceedings of the 9th annual ACM workshop on Privacy in the electronic society, (83-92)
- Verslype K and De Decker B Measuring the user's anonymity when disclosing personal properties Proceedings of the 6th International Workshop on Security Measurements and Metrics, (1-8)
- Camenisch J, Kohlweiss M and Soriente C Solving revocation with efficient update of anonymous credentials Proceedings of the 7th international conference on Security and cryptography for networks, (454-471)
- Verslype K, Verhaeghe P, Lapon J, Naessens V and De Decker B PriMan Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy, (327-334)
- Dietrich K Anonymous RFID authentication using trusted computing technologies Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues, (91-102)
- Batina L, Hoepman J, Jacobs B, Mostowski W and Vullers P Developing efficient blinded attribute certificates on smart cards via pairings Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application, (209-222)
- Shang N, Paci F and Bertino E Efficient and privacy-preserving enforcement of attribute-based access control Proceedings of the 9th Symposium on Identity and Trust on the Internet, (63-68)
- Juels A, Catalano D and Jakobsson M Coercion-resistant electronic elections Towards Trustworthy Elections, (37-63)
- Tootoonchian A, Saroiu S, Ganjali Y and Wolman A Lockr Proceedings of the 5th international conference on Emerging networking experiments and technologies, (169-180)
- Bichsel P, Camenisch J, Groß T and Shoup V Anonymous credentials on a standard java card Proceedings of the 16th ACM conference on Computer and communications security, (600-610)
- Chase M and Chow S Improving privacy and security in multi-authority attribute-based encryption Proceedings of the 16th ACM conference on Computer and communications security, (121-130)
- Li J, Li N and Winsborough W (2009). Automated trust negotiation using cryptographic credentials, ACM Transactions on Information and System Security, 13:1, (1-35), Online publication date: 1-Oct-2009.
- Tews H and Jacobs B Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card Proceedings of the 3rd IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks, (95-111)
- Layouni M, Verslype K, Sandıkkaya M, Decker B and Vangheluwe H Privacy-Preserving Telemonitoring for eHealth Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII, (95-110)
- Lee A, Minami K and Borisov N Confidentiality-preserving distributed proofs of conjunctive queries Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, (287-297)
- Bianchi G, Bonola M, Falletta V, Proto F and Teofili S (2008). The SPARTA pseudonym and authorization system, Science of Computer Programming, 74:1-2, (23-33), Online publication date: 1-Dec-2008.
- Bauer D, Blough D and Cash D Minimal information disclosure with efficiently verifiable credentials Proceedings of the 4th ACM workshop on Digital identity management, (15-24)
- Camenisch J, Groß T and Heydt-Benjamin T Rethinking accountable privacy supporting services Proceedings of the 4th ACM workshop on Digital identity management, (1-8)
- Chen S, Chen S, Guo H, Shen B and Jajodia S (2008). Achieving simultaneous distribution control and privacy protection for Internet media delivery, ACM Transactions on Multimedia Computing, Communications, and Applications, 4:2, (1-23), Online publication date: 1-May-2008.
- Bhaskar R, Chandrasekaran K, Lokam S, Montgomery P, Venkatesan R and Yacobi Y (2008). Vulnerabilities in Anonymous Credential Systems, Electronic Notes in Theoretical Computer Science (ENTCS), 197:2, (141-148), Online publication date: 1-Feb-2008.
- Bianchi G, Bonola M, Falletta V, Proto F and Teofili S (2008). The SPARTA Pseudonym and Authorization System, Electronic Notes in Theoretical Computer Science (ENTCS), 197:2, (57-71), Online publication date: 1-Feb-2008.
- Benjumea V, Choi S, Lopez J and Yung M Anonymity 2.0 - X.509 extensions supporting privacy-friendly authentication Proceedings of the 6th international conference on Cryptology and network security, (265-281)
- Layouni M Accredited symmetrically private information retrieval Proceedings of the Security 2nd international conference on Advances in information and computer security, (262-277)
- Gevers S, Verslype V and De Decker B Enhancing privacy in identity management systems Proceedings of the 2007 ACM workshop on Privacy in electronic society, (60-63)
- Brickell E and Li J Enhanced privacy id Proceedings of the 2007 ACM workshop on Privacy in electronic society, (21-30)
- Brands S, Demuynck L and De Decker B A practical system for globally revoking the unlinkable pseudonyms of unknown users Proceedings of the 12th Australasian conference on Information security and privacy, (400-415)
- Squicciarini A, Bertino E, Ferrari E, Paci F and Thuraisingham B (2007). PP-trust-X, ACM Transactions on Information and System Security, 10:3, (12-es), Online publication date: 1-Jul-2007.
- Layouni M and Vangheluwe H Anonymous k-show credentials Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice, (181-192)
- Flegel U and Meier M Authorization architectures for privacy-respecting surveillance Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice, (1-17)
- Yang Y, Deng R and Bao F Privacy-preserving credentials upon trusted computing augmented servers Proceedings of the 3rd international conference on Information security practice and experience, (177-192)
- Lysyanskaya A (2007). Authentication without Identification, IEEE Security and Privacy, 5:3, (69-71), Online publication date: 1-May-2007.
- Camenisch J, shelat a, Sommer D and Zimmermann R Securing user inputs for the web Proceedings of the second ACM workshop on Digital identity management, (33-44)
- Gevers S and De Decker B Privacy friendly information disclosure Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I, (636-646)
- Li J and Li N (2006). OACerts, IEEE Transactions on Dependable and Secure Computing, 3:4, (340-352), Online publication date: 1-Oct-2006.
- Benjumea V, Lopez J and Troya J (2006). Specification of a framework for the anonymous use of privileges, Telematics and Informatics, 23:3, (179-195), Online publication date: 1-Aug-2006.
- Pashalidis A and Meyer B Linking anonymous transactions Proceedings of the 6th international conference on Privacy Enhancing Technologies, (384-392)
- Wohlgemuth S and Müller G Privacy with delegation of rights by identity management Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security, (175-190)
- Pietro R, Mancini L, Durante A and Patil V Addressing the shortcomings of one-way chains Proceedings of the 2006 ACM Symposium on Information, computer and communications security, (289-296)
- Nasserian S and Tsudik G Revisiting oblivious signature-based envelopes Proceedings of the 10th international conference on Financial Cryptography and Data Security, (221-235)
- Kesdogan D and Palmer C (2006). Technical challenges of network anonymity, Computer Communications, 29:3, (306-324), Online publication date: 1-Feb-2006.
- Squicciarini A, Bertino E, Ferrari E and Ray I (2006). Achieving Privacy in Trust Negotiations with an Ontology-Based Approach, IEEE Transactions on Dependable and Secure Computing, 3:1, (13-30), Online publication date: 1-Jan-2006.
- Juels A, Catalano D and Jakobsson M Coercion-resistant electronic elections Proceedings of the 2005 ACM workshop on Privacy in the electronic society, (61-70)
- Li J, Li N and Winsborough W Automated trust negotiation using cryptographic credentials Proceedings of the 12th ACM conference on Computer and communications security, (46-57)
- Irwin K and Yu T Preventing attribute information leakage in automated trust negotiation Proceedings of the 12th ACM conference on Computer and communications security, (36-45)
- Demuynck L and De Decker B Privacy-preserving electronic health records Proceedings of the 9th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security, (150-159)
- Li J and Li N Policy-hiding access control in open environment Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing, (29-38)
- Yang Y, Bao F and Deng R Security analysis and fix of an anonymous credential system Proceedings of the 10th Australasian conference on Information Security and Privacy, (537-547)
- Li J and Li N OACerts Proceedings of the Third international conference on Applied Cryptography and Network Security, (301-317)
- Kwon T and Moon H Multi-modal biometrics with PKI technologies for border control applications Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics, (99-114)
- Li N, Du W and Boneh D (2005). Oblivious signature-based envelope, Distributed Computing, 17:4, (293-302), Online publication date: 1-May-2005.
- Bagga W and Molva R Policy-based cryptography and applications Proceedings of the 9th international conference on Financial Cryptography and Data Security, (72-87)
- Irwin K and Yu T An identifiability-based access control model for privacy protection in open systems Proceedings of the 2004 ACM workshop on Privacy in the electronic society, (43-43)
- Bertino E, Ferrari E and Squicciarini A (2004). Trust Negotiations, Computing in Science and Engineering, 6:4, (27-34), Online publication date: 1-Jul-2004.
- Biskup J and Wortmann S Towards a credential-based implementation of compound access control policies Proceedings of the ninth ACM symposium on Access control models and technologies, (31-40)
- Bertino E, Ferrari E and Squicciarini A Privacy-Preserving trust negotiations Proceedings of the 4th international conference on Privacy Enhancing Technologies, (283-301)
- Pashalidis A and Mitchell C Limits to anonymity when using credentials Proceedings of the 12th international conference on Security Protocols, (4-12)
- Saari T and Turpeinen M Towards psychological customization of information for individuals and social groups Designing personalized user experiences in eCommerce, (19-37)
- Herzberg A and Mass Y (2004). Relying Party Credentials Framework, Electronic Commerce Research, 4:1-2, (23-39), Online publication date: 1-Jan-2004.
- Damiani E, De Capitani di Vimercati S and Samarati P (2003). Managing Multiple and Dependable Identities, IEEE Internet Computing, 7:6, (29-37), Online publication date: 1-Nov-2003.
- Impagliazzo R and More S Anonymous credentials with biometrically-enforced non-transferability Proceedings of the 2003 ACM workshop on Privacy in the electronic society, (60-71)
- Yu T and Winslett M Policy migration for sensitive credentials in trust negotiation Proceedings of the 2003 ACM workshop on Privacy in the electronic society, (9-20)
- Gates C and Slonim J Owner-controlled information Proceedings of the 2003 workshop on New security paradigms, (103-111)
- Li N, Du W and Boneh D Oblivious signature-based envelope Proceedings of the twenty-second annual symposium on Principles of distributed computing, (182-189)
- Kwon T Robust software tokens Proceedings of the 8th Australasian conference on Information security and privacy, (476-487)
- Persiano P and Visconti I An anonymous credential system and a privacy-aware PKI Proceedings of the 8th Australasian conference on Information security and privacy, (27-38)
- Bull L, Squire D, Newmarch J and Zheng Y Grouping verifiable content for selective disclosure Proceedings of the 8th Australasian conference on Information security and privacy, (1-12)
- Winslett M An introduction to trust negotiation Proceedings of the 1st international conference on Trust management, (275-283)
- Bull L, Stanski P and Squire D Content extraction signatures using XML digital signatures and custom transforms on-demand Proceedings of the 12th international conference on World Wide Web, (170-177)
- Yu T and Winslett M A Unified Scheme for Resource Protection in Automated Trust Negotiation Proceedings of the 2003 IEEE Symposium on Security and Privacy
- Dickinson I, Reynolds D, Banks D, Cayzer S and Vora P User profiling with privacy Intelligent information agents, (123-151)
- Jarecki S, Lincoln P and Shmatikov V Negotiated privacy Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems, (96-111)
- Seamons K, Winslett M, Yu T, Yu L and Jarvis R Protecting privacy during on-line trust negotiation Proceedings of the 2nd international conference on Privacy enhancing technologies, (129-143)
- Goldberg I Privacy-enhancing technologies for the internet, II Proceedings of the 2nd international conference on Privacy enhancing technologies, (1-12)
- Spiekermann S, Grossklags J and Berendt B E-privacy in 2nd generation E-commerce Proceedings of the 3rd ACM conference on Electronic Commerce, (38-47)
- Fuchsbauer G, Hanser C and Slamanig D Practical Round-Optimal Blind Signatures in the Standard Model Advances in Cryptology -- CRYPTO 2015, (233-253)
Recommendations
Revocation of privacy-enhanced public-key certificates
Special issue: Software engineering education and trainingThis paper presents a novel protocol for the revocation of privacy-enhanced/anonymous public-key certificates in relation to a protocol for anonymous public-key certificate issuing published previously. Not only can this certificate revocation protocol ...
Securely combining public-key cryptosystems
CCS '01: Proceedings of the 8th ACM conference on Computer and Communications SecurityIt is a maxim of sound computer-security practice that a cryptographic key should have only a single use. For example, an RSA key pair should be used only for public-key encryption or only for digital signatures, and not for both.In this paper we show ...