
emmy – Trust-Enhancing Authentication Library

  • Miha Stopar
  • Manca Bizjak
  • Jolanda Modic
  • Jan Hartman
  • Anže Žitnik
  • Tilen Marc
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 563)

Abstract

People, organizations, and devices need to make many kinds of claims as part of their everyday activities. Digital credentials make it possible to transmit instantly verifiable claims about their name, date of birth, gender, location, or accomplishments. Some privacy-enhancing digital credentials allow revealing only part of one's identity, thus hiding all information that the online service does not necessarily need. In the past two decades, several privacy- and trust-enhancing authentication techniques and approaches have been proposed to implement such verifiable digital credentials, mostly on the theoretical level. Some implementations exist, but they either lack functionality, rely on heavy computational machinery, or are not available as open source. This paper presents emmy, a fully-fledged open source cryptographic library for secure, privacy-aware, and trust-enhancing authentication towards online services.

Keywords

Trust, Privacy, Zero-knowledge proofs, Identity management, Anonymity, Cloud services

Notes

Acknowledgement

The research was supported, in part, by grants H2020-DS-2017-780108 (FENTEC) and H2020-ICT-2016-730929 (mF2C).


Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  • Miha Stopar (1)
  • Manca Bizjak (1)
  • Jolanda Modic (1)
  • Jan Hartman (1)
  • Anže Žitnik (1)
  • Tilen Marc (1, 2)

  1. XLAB d.o.o., Ljubljana, Slovenia
  2. Institute of Mathematics, Physics and Mechanics, Ljubljana, Slovenia
