A Formal Model of Identity Mixer

  • Jan Camenisch
  • Sebastian Mödersheim
  • Dieter Sommer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6371)


Identity Mixer is an anonymous credential system developed at IBM that allows users for instance to prove that they are over 18 years old without revealing their name or birthdate. This privacy-friendly technology is realized using zero-knowledge proofs. We describe a formal model of Identity Mixer that is well-suited for automated protocol verification tools in the spirit of black-box cryptography models.


Security Protocol Algebraic Property Algebraic Reasoning Privacy Property Proof Term 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Fournet, C.: Private authentication. Theoretical Computer Science 322(3), 427–476 (2004)CrossRefzbMATHGoogle Scholar
  2. 2.
    Amadio, R., Lugiez, D.: On the reachability problem in cryptographic protocols. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 380–394. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  3. 3.
    Armando, A., Basin, D.A., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P.H., Héam, P.-C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Armando, A., Carbone, R., Compagna, L., Cuellar, J., Abad, L.T.: Formal Analysis of SAML 2.0 Web Browser Single Sign-On: Breaking the SAML-based Single Sign-On for Google Apps. In: FMSE 2008. ACM Press, New York (2008)Google Scholar
  5. 5.
    Armando, A., Compagna, L.: SAT-based Model-Checking for Security Protocols Analysis. International Journal of Information Security 7(1), 3–32 (2008)CrossRefzbMATHGoogle Scholar
  6. 6.
    Backes, M., Hritcu, C., Maffei, M.: Type-checking zero-knowledge. In: ACM Conference on Computer and Communications Security, pp. 357–370 (2008)Google Scholar
  7. 7.
    Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy, pp. 202–215 (2008)Google Scholar
  8. 8.
    Bangerter, E., Camenisch, J., Krenn, S., Sadeghi, A.-R., Schneider, T.: Automatic generation of sound zero-knowledge protocols. Cryptology ePrint Archive (2008)Google Scholar
  9. 9.
    Bangerter, E., Camenisch, J., Lysyanskaya, A.: A Cryptographic Framework for the Controlled Release Of Certified Data. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2004. LNCS, vol. 3957, pp. 43–50. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  11. 11.
    Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: CSFW 2001, pp. 82–96. IEEECOSO (2001)Google Scholar
  12. 12.
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: STOC, pp. 103–112 (1988)Google Scholar
  13. 13.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 93. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Camenisch, J., Mödersheim, S., Neven, G., Preiss, F.-S., Sommer, D.: A card requirements language enabling privacy-preserving access control. In: SACMAT, pp. 119–128. ACM Press, New York (2010)Google Scholar
  15. 15.
    Camenisch, J., Sommer, D., Zimmermann, R.: A general certification framework with application to privacy-enhancing certificate infrastructures. In: SEC (2006)Google Scholar
  16. 16.
    Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  17. 17.
    Cervesato, I., Jaggard, A.D., Scedrov, A., Tsay, J.-K., Walstad, C.: Breaking and fixing public-key Kerberos. Information and Computation 206(2-4) (2008)Google Scholar
  18. 18.
    Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology - Crypto ’82, pp. 199–203. Springer, Heidelberg (1983)Google Scholar
  19. 19.
    Cheval, V., Comon-Lundh, H., Delaune, S.: Automating security analysis: symbolic equivalence of constraint systems. In: Giesl, J., Hähnle, R. (eds.) IJCAR’10. LNCS (LNAI), vol. 6173, pp. 412–426. Springer, Heidelberg (2010)Google Scholar
  20. 20.
    Cortier, V., Rusinowitch, M., Zalinescu, E.: Relating two standard notions of secrecy. In: Ésik, Z. (ed.) CSL 2006. LNCS, vol. 4207, pp. 303–318. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Escobar, S., Meadows, C., Meseguer, J.: A rewriting-based inference system for the NRL protocol analyzer and its meta-logical properties. Theoretical Computer Science 367(1-2), 162–202 (2006)CrossRefzbMATHGoogle Scholar
  22. 22.
    Küsters, R., Truderung, T.: Using proverif to analyze protocols with diffie-hellman exponentiation. IEEE CSF, 157–171 (2009)Google Scholar
  23. 23.
    Li, X., Zhang, Y., Deng, Y.: Verifying anonymous credential systems in applied pi calculus. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 209–225. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Millen, J.K., Denker, G.: Capsl and mucapsl. Journal of Telecommunications and Information Technology 4, 16–27 (2002)Google Scholar
  25. 25.
    Mödersheim, S.: Models and Methods for the Automated Analysis of Security Protocols. PhD-thesis, ETH Zürich (2007)Google Scholar
  26. 26.
    Mödersheim, S., Viganò, L.: The open-source fixed-point model checker for symbolic analysis of security protocols. In: Fosad 2007–2008–2009. LNCS. Springer, Heidelberg (2009)Google Scholar
  27. 27.
    Mödersheim, S., Viganò, L.: Secure Pseudonymous Channels. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 337–354. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  28. 28.
    Schnorr, C.P.: Efficient signature generation for smart cards. Journal of Cryptology 4(3), 239–252 (1991)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Jan Camenisch
    • 2
  • Sebastian Mödersheim
    • 1
  • Dieter Sommer
    • 2
  1. 1.DTU InformaticsDenmark
  2. 2.IBM ResearchZurichSwitzerland

Personalised recommendations