Advertisement

Anonymous certification for E-assessment opinion polls

  • Nesrine Kaaniche
  • Chistophe Kiennert
  • Maryline Laurent
  • Joaquin Garcia-AlfaroEmail author
Original Research
  • 13 Downloads

Abstract

Anonymous certification (AC) refers to cryptographic mechanisms in which users get certified from trusted issuers, with regard to some pre-defined user attributes, in order to produce presentation tokens. Such tokens satisfy service providers’ access policies, without revealing sensitive user information. AC systems are generally classified under two main different categories: (1) one-time show credentials that can be shown once for avoiding their originating user being traced from one transaction to another, and (2) multi-show credentials that can be used many times while avoiding their originating user to be traced. In this paper, we consider e-assessment opinion polls scenarios and propose an AC scheme where the one-time show property is relevant for making sure each user cannot hand in more than one poll in order to get significant results. To mitigate cheating, the scheme is provided with two extra procedures: attribute revocation and anonymity removal. The correctness of our scheme, as well as unforgeability, privacy and anonymity removal, are analyzed and demonstrated.

Keywords

Security and protection Access control Management of computing and information systems Privacy Anonymous credentials Attribute-based signatures Bilinear pairings Anonymous certification 

Notes

Acknowledgements

This work is supported by the H2020-ICT-2015/H2020-ICT-2015 TeSLA project An Adaptive Trust-based e-assessment System for Learning, number 688520. Authors acknowledge as well support from the European Commission (H2020 SPARTA project), under Grant agreement 830892.

References

  1. Aïmeur E, Hage H (2010) Preserving learners privacy. In: Nkambou R, Bourdeau J, Mizoguchi R (eds) Advances in intelligent tutoring systems. Springer, Berlin, pp 465–483CrossRefGoogle Scholar
  2. Aïmeur E, Hage H, Onana FSM (2008) Anonymous credentials for privacy-preserving e-learning. In: E-Technologies, 2008 international MCETECH conference on, IEEE, pp 70–80.  https://doi.org/10.1109/MCETECH.2008.26
  3. Beimel A (1996) Secret sharing and key distribution. In: Research thesisGoogle Scholar
  4. Belguith S, Kaaniche N, Laurent M, Jemai A, Attia R (2017) Constant-size threshold attribute based signcryption for cloud applications. In: 14th international conference on security and cryptography (SECRYPT 2017), vol 6, pp 212–225. http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0006469202120225
  5. Belguith S, Kaaniche N, Laurent M, Jemai A, Attia R (2018a) Phoabe: securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IOT. Comput Netw 133:141–156.  https://doi.org/10.1016/j.comnet.2018.01.036 CrossRefGoogle Scholar
  6. Belguith S, Kaaniche N, Russello G (2018b) Pu-abe: Lightweight attribute-based encryption supporting access policy update for cloud assisted iot. In: 2018 IEEE 11th International Conference on Cloud Computing (CLOUD), pp 924–927. IEEE.  https://doi.org/10.1109/CLOUD.2018.00137
  7. Brands SA (2000) Rethinking public key infrastructures and digital certificates: building in privacy. MIT Press, CambridgeCrossRefGoogle Scholar
  8. Camenisch J, Lysyanskaya A (2001) An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann B (ed) Advances in cryptology EUROCRYPT 2001. Springer, Innsbruck (Tyrol), pp 93–118CrossRefGoogle Scholar
  9. Camenisch J, Mödersheim S, Sommer D (2010) A formal model of identity mixer. In: Kowalewski S, Roveri M (eds) Formal methods for industrial critical systems. FMICS 2010. Lecture notes in computer science, vol 6371. Springer, Berlin, Heidelberg, pp 198–214Google Scholar
  10. Chaum D (1985) Security without identification: transaction systems to make big brother obsolete. Commun ACM 28(10):1030–1044CrossRefGoogle Scholar
  11. Cole J, Foster H (2007) Using Moodle: teaching with the popular open source course management system. O’Reilly Media, Inc, NewtonGoogle Scholar
  12. Gathuri JW, Luvanda A, Matende S, Kamundi S (2014) Impersonation challenges associated with e-assessment of university students. J Inf Eng Appl 4(7):60–68Google Scholar
  13. Herranz J, Laguillaumie F, Libert B, Ràfols C (2012) Short attribute-based signatures for threshold predicates. In: Dunkelman O (ed) Topics in cryptology – CT-RSA 2012. CT-RSA 2012. Lecture notes in computer science, vol 7178. Springer, Berlin, Heidelberg, pp 51–67Google Scholar
  14. IBM (2018) IBM identity mixer. https://www.zurich.ibm.com/identity_mixer/. Accessed July 2019
  15. Kaaniche N, Laurent M (2016) Attribute-based signatures for supporting anonymous certification. In: Askoxylakis I, Ioannidis S, Katsikas S, Meadows C (eds) European symposium on research in computer security. Springer, Heraklion, pp 279–300Google Scholar
  16. Kaaniche N, Laurent M, Rocher P-O, Kiennert C, Garcia-Alfaro J (2017) PCS, a privacy-preserving certification scheme. In: Data privacy management, and security assurance—12th international workshop, DPM 2017, Oslo, Norway, September, 2017, Lecture notes in computer science. SpringerGoogle Scholar
  17. Karchmer M, Wigderson A (1993) On span programs. In: In Proc. of the 8th IEEE Structure in Complexity Theory.  https://doi.org/10.1109/SCT.1993.336536
  18. Kiennert C, Kaaniche N, Laurent M, Rocher P-O, Garcia-Alfaro J (2017a) Anonymous certification for an e-assessment framework. In: Lipmaa H, Mitrokotsa A, Matulevičius R (eds) Nordic conference on secure IT systems. Springer, Tartu, pp 70–85CrossRefGoogle Scholar
  19. Kiennert C, Rocher PO, Ivanova M, Rozeva A, Durcheva M, Garcia-Alfaro J (2017b) Security challenges in e-assessment and technical solutions. In: 8th international workshop on interactive environments and emerging technologies for eLearning, 21st international conference on information visualization, London, UKGoogle Scholar
  20. Kim S-K, Huh J-H (2018) A study on the LMS platform performance and performance improvement of k-moocs platform from learner’s perspective. In: Park JJ, Loia V, Raymond Choo K-K, Yi G (eds) Advanced multimedia and ubiquitous engineering. Springer, Salerno, pp 781–786Google Scholar
  21. Li J, Au MH, Susilo W, Xie D, Ren K (2010) Attribute-based signature and its applications. ASIACCS ’10Google Scholar
  22. Lindell Y, Katz J (2014) Introduction to modern cryptography. Chapman and Hall/CRC, New YorkzbMATHGoogle Scholar
  23. Liu X, Xia Y, Sun Z (2017) Provably secure attribute based signcryption with delegated computation and efficient key updating. KSII Trans Internet Inf Syst 11(5):2646Google Scholar
  24. Maji HK, Prabhakaran M, Rosulek M (2011) Attribute-based signatures. In: Pfitzmann B (ed) Cryptographers track at the RSA conference. Springer, Innsbruck, pp 376–392Google Scholar
  25. Okamoto T, Takashima K (2011) Efficient attribute-based signatures for non-monotone predicates in the standard model. In: Catalano D, Fazio N, Gennaro R, Nicolosi A (eds) Public key cryptography – PKC 2011. PKC 2011. Lecture notes in computer science, vol 6571. Springer, Berlin, Heidelberg, pp 35–52Google Scholar
  26. Paquin C, Zaverucha G (2011) U-prove cryptographic specification v1. 1. Technical report, Microsoft CorporationGoogle Scholar
  27. Rescorla E, Dierks T (2008) The transport layer security (TLS) protocol version 1.2. RFC 5246Google Scholar
  28. Shahandashti S, Safavi-Naini R (2009) Threshold attribute-based signatures and their application to anonymous credential systems. AFRICACRYPT ’09Google Scholar
  29. TeSLA Consortium (2016) Trust based authentication & authorship e-assessment analysis. http://tesla-project.eu/. Accessed July 2019
  30. Wu X, Wu J (2019) Criteria evaluation and selection in non-native language MBA students admission based on machine learning methods. J Ambient Intell Human Comput.  https://doi.org/10.1007/s12652-019-01490-0 CrossRefGoogle Scholar
  31. Xu Q, Tan C, Fan Z, Zhu W, Xiao Y, Cheng F (2018) Secure data access control for fog computing based on multi-authority attribute-based signcryption with computation outsourcing and attribute revocation. Sensors 18(5):1609CrossRefGoogle Scholar
  32. Zhang Y, Feng D (2012) Efficient attribute proofs in anonymous credential using attribute-based cryptography. In: Proceedings of the 14th international conference on information and communications security, ICICS’12Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer ScienceUniversity of SheffieldSheffieldEngland, UK
  2. 2.Institut Polytechnique de Paris, Telecom Sud-Paris, SAMOVAR CNRS UMR 5157EvryFrance

Personalised recommendations