Technical Implementation and Feasibility
This chapter provides application developers with a presentation of the implemented reference implementation of the ABC4Trust architecture and protocols as well as a presentation on how to get started using the reference implementation. The reference implementation includes the ABC-Engines of the different entities, namely the User, Issuer, Verifier, Inspector, and Revocation Authority, and the smart card implementation for the User. This chapter also presents results of a perturbation analysis of the reference implementation. Even though the ABC4Trust focused on a server-desktop environment, we have done some proof of concept implementations and analysis of the feasibility of using smart phones for the user side of a Privacy-ABC setup; these results are also presented in this chapter.
KeywordsSmart Card Evaluation Target Technical Implementation Reference Implementation Misuse Case
Unable to display preview. Download preview PDF.
- [Bal08]Josep Balasch. Smart ard Implementation of Anonymous redentials. PhD thesis, KATHOLIEKE UNIVERSITEIT LEUVEN, 2008.Google Scholar
- [BBE+14]Thomas Baign`eres, Patrik Bichsel, Robert R Enderlein, Hans Knudsen, Kasper Damgård, Jonas Jensen, Gregory Neven, Janus Nielsen, Pascal Paillier, and Michael Stausholm. Final Reference Implementation. Deliverable D4.2, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/D4.2 % 20Final%20Reference%20Implementation.pdf, Last accessed on 2014-11-08.
- [BCC04]Ernie Brickell, Jan Camenisch, and Liqun Chen. Direct anonymous attestation. In Proceedings of the 11th ACM conference on Computer and communications security, pages 132–145. ACM, 2004.Google Scholar
- [BCD+14]Patrik Bichsel, Jan Camenisch, Maria Dubovitskaya, Robert R. Enderlein, Stephan Krenn, Ioannis Krontiris, Anja Lehmann, Gregory Neven, Janus Dam Nielsen, Christian Paquin, Franz-Stefan Preiss, Kai Rannenberg, Ahmad Sabouri, and Michael Stausholm. Architecture for Attribute-based Credential Technologies - Final Version. Deliverable D2.2, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/Deliverable_ D2.2.pdf, Last accessed on 2014-11-08.
- [BCGS09]Patrik Bichsel, Jan Camenisch, Thomas Groß, and Victor Shoup. Anonymous credentials on a standard java card. In Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, Chicago, Illinois, USA, November 9-13, 2009, pages 600–610, 2009.Google Scholar
- [BDP14]Thomas Baign`eres, Ccile Delerabl`ee, and Pascal Paillier. Programming Privacy-ABCs on the ABC4Trust Lite v1.1 Smart Card, 2014.Google Scholar
- [BHJ+10]Lejla Batina, Jaap-Henk Hoepman, Bart Jacobs, Wojciech Mostowski, and Pim Vullers. Developing efficient blinded attribute certificates on smart cards via pairings. In Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010, Passau, Germany, April 14-16, 2010. Proceedings, pages 209– 222, 2010.Google Scholar
- [Bic07]Patrik Bichsel. Theft and misuse protection for anonymous credentials. Master’s thesis, ETH Z¨urich, Switzerland, 2007.Google Scholar
- [CKL+11]Jan Camenisch, Ioannis Krontiris, Anja Lehmann, Gregory Neven, Christian Paquin, Kai Rannenberg, and Harald Zwingelberg. Architecture for Attribute-based Credential Technologies - Version 1. Deliverable D2.1, The ABC4Trust EU Project, 2011. Available at https://abc4trust.eu/download/ABC4Trust-D2.1-Architecture-V1.2.pdf, Last accessed on 2014-11-08.
- [GN12]Hans Guldage and Janus Dam Nielsen. Initial Reference Implementation. Deliverable D4.1, The ABC4Trust EU Project, 2012.Google Scholar
- [Jen14]Jonas Lindstrøm Jensen. Smartphone Feasibility Analysis. Deliverable D4.4, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/Deliverable_D4.4.pdf, Last accessed on 2014-11-08.
- [LMX04]N. Looker, M. Munro, and J. Xu. Simulating Errors in Web Services. International Journal of Simulation Systems, Science & Technology, 5(5):29–37, December 2004.Google Scholar
- [LSP+14]Jesus Luna, Neeraj Suri, Giancarlo Pellegrino, Heng Zhang, and Michael Bladt Stausholm. Final Perturbation Analysis of the Implementation. Deliverable D4.3, The ABC4Trust EU Project, 2014. Available at https://abc4trust.eu/download/D4%203_PerturbationAnalysis_final.pdf, Last accessed on 2014-11-08.
- [LX03a]Nik Looker and Jie Xu. Assessing the Dependability of SOAP RPCBased Web Services by Fault Injection. In Object-Oriented Real-Time Dependable Systems, 2003. WORDS 2003 Fall. The Ninth IEEE International Workshop on, page 163. IEEE, October 2003.Google Scholar
- [LX03b]Nik Looker and Jie Xu. Assessing the Dependability of SOAP RPCBased Web Services by Fault Injection. In Object-Oriented Real-Time Dependable Systems, 2003. WORDS 2003 Fall. The Ninth IEEE International Workshop on, pages 163–163, Oct 2003.Google Scholar
- [Paq13]Christian Paquin. Privacy and accountability in identity systems: the best of both worlds. TechReport MSR-TR-2013-85, Microsoft Corporation, September 2013.Google Scholar
- [PZ13]Christian Paquin and Greg Zaverucha. U-prove Cryptographic Specification v1.1 (Revision 2). Technical report, Microsoft Corporation, 2013.Google Scholar
- [TJ09]Hendrik Tews and Bart Jacobs. Performance issues of selective disclosure and blinded issuing protocols on java card. In Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks, Third IFIP WG 11.2 International Workshop, WISTP 2009, Brussels, Belgium, September 1-4, 2009, Proceedings, pages 95–111, 2009.Google Scholar
- [VM95]Jeffrey M Voas and Keith W Miller. Software testability: The new verification. IEEE Software, 12(3):17–28, 1995.Google Scholar