Abstract
Electronic Identity (eID) cards are rapidly emerging in Europe and are gaining user acceptance. As an authentication token, an eID card is a gateway to personal information and as such it is subject to privacy risks. Several European countries have taken extra care to protect their citizens against these risks. A notable example is the German eID card, which we take as a case study in this paper. We first discuss important privacy and security threats that remain in the German eID system and elaborate on the advantages of using privacy attribute-based credentials (Privacy-ABCs) to address these threats. Then we study two approaches for integrating Privacy-ABCs with eID systems. In the first approach, we show that by introducing a new entity in the current German eID system, the citizen can get many of the advantages of Privacy-ABCs without further modifications. Then we concentrate on putting Privacy-ABCs directly on smart cards, and we present new results on performance, which demonstrate that it is now feasible for smart cards to support the computations these mechanisms require.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bjones, R., Krontiris, I., Paillier, P., Rannenberg, K. (2014). Integrating Anonymous Credentials with eIDs for Privacy-Respecting Online Authentication. In: Preneel, B., Ikonomou, D. (eds) Privacy Technologies and Policy. APF 2012. Lecture Notes in Computer Science, vol 8319. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54069-1_7
DOI: https://doi.org/10.1007/978-3-642-54069-1_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54068-4
Online ISBN: 978-3-642-54069-1
eBook Packages: Computer Science (R0)