A Secure and Privacy-Protecting Protocol for Transmitting Personal Information Between Organizations
A multi-party cryptographic protocol and a proof of its security are presented. The protocol is based on RSA using a one-way-function. Its participants are individuals and organizations, which are not assumed to trust each other. The protocol implements a “credential mechanism”, which is used to transfer personal information about individuals from one organization to another, while allowing individuals to retain substantial control over such transfers.
It is proved that the privacy of individuals is protected in a way that is optimal against cooperation of all organizations, even if the organizations have infinite computational resources. We introduce a “formal credential mechanism”, based on an “ideal RSA cryptosystem”. It allows individuals a chance of successful cheating that is proved to be exponentially small in the amount of computation required. The new proof techniques used are based on probability theory and number theory and may be of more general applicability.
KeywordsExecution Process Security Check Message Space Integer Coprime Signature Authority
- [Ch 84]D. Chaum, Showing credentials without identification: transferring signatures between unconditionally unlinkable pseudonyms. Preprint, available from the author.Google Scholar
- [Ch 85]D. Chaum, Security without identification: transaction systems to make big brother obsolete. Communications of the ACM, 28(10), Oct. 1985Google Scholar
- [DLM 82]R.A. DeMillo, N.A. Lynch, M.J. Merritt, Cryptographic protocols. In Proc. 14th ACM Symposium on Theory of computing, pp. 383–400. ACM, 1982.Google Scholar
- [EGS 85]S. Even, O. Goldreich, A. Shamir, On the security of ping-pong protocols when implemented using the RSA. Presented at Crypto 85, Santa Barbara, August 1985.Google Scholar