Investigating Anonymity in Group Based Anonymous Authentication

  • Daniel Slamanig
  • Christian Stingl
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 298)


In this paper we discuss anonymity in context of group based anonymous authentication (\(\mathcal{GBAA}\)). Methods for \(\mathcal{GBAA}\) provide mechanisms such that a user is able to prove membership in a group \(\mathcal{U}'\subseteq\mathcal{U}\) of authorized users \(\mathcal{U}\) to a verifier, whereas the verifier does not obtain any information on the actual identity of the authenticating user. They can be used in addition to anonymous communication channels in order to enhance user’s privacy if access to services is limited to authorized users, e.g. subscription-based services. We especially focus on attacks against the anonymity of authenticating users which can be mounted by an external adversary or a passive verifier when \(\mathcal{GBAA}\) is treated as a black box. In particular, we investigate what an adversary can learn by solely observing anonymity sets \(\mathcal{U}'\) used for \(\mathcal{GBAA}\) and how users can choose their anonymity sets in case of \(\mathcal{U}'\subset\mathcal{U}\). Based on the information which can be obtained by adversaries we show that the probability of user identification can be improved.


Authorized User Authentication Scheme Active Frequency Passive Frequency Attack Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Benjumea, V., Choi, S.G., Lopez, J., Yung, M.: Anonymity 2.0 - X.509 Extensions Supporting Privacy-Friendly Authentication. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 265–281. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  3. 3.
    Boneh, D., Franklin, M.: Anonymous Authentication with Subset Queries. In: Proc. of the 6th ACM conference on Computer and communications security, pp. 113–119 (1999)Google Scholar
  4. 4.
    Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)Google Scholar
  5. 5.
    Camenisch, J., Shelat, A., Sommer, D., Fischer-Hübner, S., Hansen, M., Krasemann, H., Lacoste, G., Leenes, R., Tseng, J.: Privacy and Identity Management for Everyone. In: DIM 2005: Proceedings of the 2005 workshop on Digital identity management, pp. 20–27. ACM, New York (2005)CrossRefGoogle Scholar
  6. 6.
    Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication. In: Proceedings of the 13th ACM conference on Computer and communications security, CCS 2006, pp. 201–210. ACM, New York (2006)Google Scholar
  7. 7.
    Camenisch, J., Lysyanskaya, A.: An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)CrossRefGoogle Scholar
  9. 9.
    Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  10. 10.
    Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  11. 11.
    Damgård, I., Dupont, K., Pedersen, M.Ø.: Unclonable Group Identification. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 555–572. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Danezis, G., Diaz, C.: A Survey of Anonymous Communication Channels. Technical Report MSR-TR-2008-35, Microsoft Research (January 2008)Google Scholar
  13. 13.
    Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: SP 2003: Proceedings of the 2003 IEEE Symposium on Security and Privacy, Washington, DC, USA, pp. 2–15. IEEE Computer Society, Los Alamitos (2003)CrossRefGoogle Scholar
  14. 14.
    Diaz, C., Seys, S., Claessens, J., Preneel, B.: Towards Measuring Anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium, p. 21 (2004)Google Scholar
  16. 16.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous Identification in Ad Hoc Groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Federrath, H.: Privacy Enhanced Technologies: Methods, Markets, Misuse. In: Katsikas, S.K., López, J., Pernul, G. (eds.) TrustBus 2005. LNCS, vol. 3592, pp. 1–9. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Froomkin, M.: The Death of Privacy? Stanford Law Review 52(5), 1461–1543 (2000)CrossRefGoogle Scholar
  20. 20.
    Joshi, A., Joshi, K., Krishnapuram, R.: On Mining Web Access Logs. In: Proceedings of the 2000 ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery, pp. 63–69. ACM, New York (2000)Google Scholar
  21. 21.
    Kesdogan, D., Pham, V., Pimenidis, L.: Information Disclosure in Identity Management. In: Proceedings of 12th Nordic Workshop on Secure IT-Systems, Reykjavik, Iceland, October 11-12 (2007)Google Scholar
  22. 22.
    Kilian, J., Petrank, E.: Identity Escrow. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 169–185. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  23. 23.
    Lindell, Y.: Anonymous Authenticaion. Whitepaper Aladdin Knowledge Systems (2007),
  24. 24.
    Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym Systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  25. 25.
    Martucci, L.A., Kohlweiss, M., Andersson, C., Panchenko, A.: Self-Certified Sybil-Free Pseudonyms. In: Proceedings of the first ACM conference on Wireless network security, WiSec 2008, pp. 154–159. ACM, New York (2008)Google Scholar
  26. 26.
    Naor, M.: Deniable Ring Authentication. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 481–498. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  27. 27.
    Pashalidis, A., Meyer, B.: Linking Anonymous Transactions: The Consistent View Attack. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 384–392. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  28. 28.
    Persiano, P., Visconti, I.: A Secure and Private System for Subscription-Based Remote Services. ACM Trans. Inf. Syst. Secur. 6(4), 472–500 (2003)CrossRefGoogle Scholar
  29. 29.
    Pfitzmann, A., Köhntopp, M.: Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 1–9. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  30. 30.
    Raymond, J.-F.: Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 10–29. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  31. 31.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  32. 32.
    Sarasohn-Kahn, J.: The Wisdom of Patients: Health Care Meets Online Social Media (April 2008),
  33. 33.
    Schechter, S., Parnell, T., Hartemink, A.: Anonymous Authentication of Membership in Dynamic Groups. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 184–195. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  34. 34.
    Serjantov, A., Danezis, G.: Towards an Information Theoretic Metric for Anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  35. 35.
    Srivastava, J., Cooley, R., Deshpande, M., Tan, P.-N.: Web Usage Mining: Discovery and Applications of Usage Patterns from Web Data. SIGKDD Explor. Newsl. 1(2), 12–23 (2000)CrossRefGoogle Scholar
  36. 36.
    Teranishi, I., Kurukawa, J., Sako, K.: k-Times Anonymous Authentication. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  37. 37.
    Tzeng, W.-G.: A Secure System for Data Access Based on Anonymous Authentication and Time-Dependent Hierarchical Keys. In: Proc. of the ACM Symp. on Information, computer and communications security, pp. 223–230. ACM, New York (2006)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Daniel Slamanig
    • 1
    • 2
  • Christian Stingl
    • 1
  1. 1.Medical Information Technology – Healthcare IT & Information Security GroupCarinthia University of Applied SciencesKlagenfurtAustria
  2. 2.Computer Science – System Security GroupUniversity of KlagenfurtKlagenfurtAustria

Personalised recommendations