International Journal of Information Security

, Volume 11, Issue 1, pp 33–40 | Cite as

A warning on how to implement anonymous credential protocols into the information card framework

  • Mikaël Ates
  • Francesco Buccafurri
  • Jacques Fayolle
  • Gianluca Lax
Regular Contribution


Unlinkability is a privacy feature supported by those multi-party security protocols allowing anonymous users’ credential exchanges among different organizations. Proper signature schemes, based on discrete logarithms, must be used in order to guarantee the above requirements as well as selective disclosure of information. In this paper, we highlight that whenever a concrete architecture based on the above protocols is implemented, some aspects concerning how to manage the association between bases of discrete logarithms and attributes used in attribute certificates should be carefully considered, in order to guarantee that unlinkability really holds. We show that the problem is concrete by testing that the state-of-the-art implementation suffers from the above problem. A general solution is also proposed.


Unlinkability Attribute certificates Privacy U-Prove 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bhargav-Spantzel, A., Camenisch, J., Gross, T., Sommer, D.: User centricity: a taxonomy and open issues. In: DIM ’06: Proceedings of the second ACM workshop on Digital identity management, pp. 1–10. ACM, New York, NY, USA (2006)Google Scholar
  2. 2.
    Narayanan A., Shmatikov V.: Myths and fallacies of personally identifiable information. Commun. ACM. 53(6), 24–26 (2010)CrossRefGoogle Scholar
  3. 3.
    Pfitzmann, A., Kohntopp, M.: Anonymity, unobservability, and pseudonymity - a proposal for terminology. In: Lecture Notes in Computer Science: Designing Privacy Enhancing Technologies, vol. 2009, pp. 1–9. Springer, Berlin/Heidelberg (2001)Google Scholar
  4. 4.
    Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: International Conference on Security in Communication Networks—Lecture Notes in Computer Science, vol. 2576, pp. 268–289 (200)Google Scholar
  5. 5.
    Brands S.A.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge, MA (2000)Google Scholar
  6. 6.
    U-Prove: Microsoft corporation technology. (2010) Accessed 1 Sep 2010
  7. 7.
    Brands, S.: U-prove technology overview v1.0. Technical report (2010)Google Scholar
  8. 8.
    Balopoulos T., Gritzalis S., Katsikas S.: Specifying and implementing privacy-preserving cryptographic protocols. Int. J. Inf. Secur. 7, 395–420 (2008). doi: 10.1007/s10207-008-0057-y CrossRefGoogle Scholar
  9. 9.
    Ahn, L.V.: Public-key steganography. In: Advances in Cryptology Proceedings of Eurocrypt 04, pp. 323–341. Springer (2004)Google Scholar
  10. 10.
    Scott, C.: Network covert channels: Review of current state and analysis of viability of the use of x.509 certificates for covert communications. Technical report (2008)Google Scholar
  11. 11.
    Murdoch, S.J.: Covert channel vulnerabilities in anonymity systems. Technical report (2007)Google Scholar
  12. 12.
    Chaum D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM. 24(2), 84–90 (1981)CrossRefGoogle Scholar
  13. 13.
    Chaum D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM. 28(10), 1030–1044 (1985)CrossRefGoogle Scholar
  14. 14.
    Chaum, D.: Blind signatures for untraceable payments. In: International Cryptology Conference on Advances in Cryptology, pp. 199–203. (1983)Google Scholar
  15. 15.
    Chaum D., Fiat A., Naor M.: Untraceable electronic cash. In: International Cryptology Conference on Advances in Cryptology, pp. 319–327. Springer, London, UK (1990)Google Scholar
  16. 16.
    Ciriani V., De Capitani di Vimercati S., Foresti S., Samarati S.: Theory of privacy and anonymity. In: Atallah, M., Blanton, M. (eds) Algorithms and Theory of Computation Handbook, 2nd edn, CRC Press, Boca Raton, FL (2009)Google Scholar
  17. 17.
    Pashalidis A., Mitchell C.: Limits to anonymity when using credentials. In: Christianson, B., Crispo, B., Malcolm, J., Roe, M (eds) Security Protocols Lecture Notes in Computer Science, vol 3957., pp. 4–12. Springer, Berlin/Heidelberg (2006). doi: 10.1007/11861386_2 Google Scholar
  18. 18.
    Ates, M.: Digital identities : User centric and privacy-respectful cross-organizational identity management. PhD thesis, Université de Lyon—SATIN Team DIOM Laboratory Telecom Saint-Etienne University of Saint-Etienne (2009)Google Scholar
  19. 19.
    Paquin, C.: U-prove technology integration into the identity metasystem v1.0. Technical report (2010)Google Scholar
  20. 20.
    Brands, S., Paquin, C.: U-prove cryptographic specification v1.0. Technical report (2010)Google Scholar
  21. 21.
    Steinbrecher, S., Kpsell, S.: Modelling unlinkability. Lecture Notes in Computer Science, vol. 2760, pp. 32–47 (2003)Google Scholar
  22. 22.
    Housley, R., Ford, W., W.Polk, Solo, D.: Internet X509 Public Key Infrastructure Certificate and CRL Profile. In: IETF RFC 2459. (1999)Google Scholar
  23. 23.
    US-DoD: Trusted Computer System Evaluation. US Department of Defense. The Orange Book. Publication DoD 5200.28-STD (1984)Google Scholar
  24. 24.
    Paquin, C., Thompson, G.: U-prove ctp white paper. Technical report (2010)Google Scholar
  25. 25.
    Housley, R.: Internet X. 509 Public Key Infrastructure Certificate and Certification Revocation List (CRL) Profile. RFC 3280 (2002)Google Scholar

Copyright information

© Springer-Verlag 2011

Authors and Affiliations

  • Mikaël Ates
    • 1
  • Francesco Buccafurri
    • 2
  • Jacques Fayolle
    • 3
  • Gianluca Lax
    • 2
  1. 1.Entr’ouvertParisFrance
  2. 2.DIMETUniversity of Reggio CalabriaReggio CalabriaItaly
  3. 3.DIOMUniversité de LyonSaint-EtienneFrance

Personalised recommendations