Abstract
To avoid the risk of long-term storage of secrets on a portable device, an online credential system supports the roaming user in retrieving securely at various locations his private key and other material to generate anonymous signatures. The protocol proposed here allows a roaming mobile user to access anonymously services such as whistle blowing and net-counselling. Our approach: (1) allows a mobile user, remembering a short password, to anonymously and securely retrieve the credentials necessary for his anonymous communication without assuming a pre-established anonymous channel to the credential server or establishing an anonymous channel using the time-consuming existing rerouting techniques; (2) provides authenticated anonymous access to privacy-related services without rerouting the packets; (3) helps combatting the abuse of anonymity for performing illegal activities (e.g. redistribution of copy-righted contents, illegal drug trading and so on).
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Chaum, D., & van Heyst, E. (1991). Group signatures. In EUROCRYPT (pp. 257–265). Berlin: Springer-Verlag.
Rivest, R. L., Shamir, A., & Tauman, Y. (2006). How to leak a secret: Theory and applications of ring signatures. In Essays in memory of Shimon Even (pp. 164–186). Berlin: Springer-Verlag.
Chaum D. (1985) Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10): 1030–1044
Chaum D., Evertse J.-H. (1986) A secure and privacy-protecting protocol for transmitting personal information between organizations. In: Odlyzko A.M. (eds) CRYPTO. Springer-Verlag, Berlin, pp 118–167
Camenisch J., Lysyanskaya A. (2001) An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pftizmann B. (eds) EUROCRYPT. Springer-Verlag, Berlin, pp 93–118
Camenisch J., Lysyanskaya A. (2004) Signature schemes and anonymous credentials from bilinear maps. In: Franklin M. (eds) CRYPTO. Springer-Verlag, Berlin, pp 56–72
Anonymizer. http://www.anonymizer.com.
Chaum D. (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2): 84–88
Syverson, P., Goldschlag, D., & Reed, M. (1997). Anonymous connections and onion routing. In Proceedings of the IEEE symposium on security and privacy. Series IEEE CS Press (pp. 44–54).
Reiter M., Rubin A. (1998) Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1(1): 66–92
Shin, S., Kobara, K., & Imai, H. (2006, July). An efficient anonymous password-authenticated key exchange protocol. In Proceedings of the ISEC. (Vol. 54, pp. 107–114). IEICE.
Narten, T., & Draves, R. (2001, January). Privacy extensions for stateless address autoconfiguration in ipv6. IETF RFC (Vol. 3041). IETF.
Patel, S. (1997). Number theoretic attacks on secure password schemes. In Proceedings of IEEE symposium on security and privacy, series IEEE CS Press (pp. 236–247).
Wan, Z., & Wang, S. (2004). Cryptanalysis of two password-authenticated key exchange protocols. In Proceedings of ACISP 2004, series LNCS (Vol. 3108, pp. 164–175). Berlin: Springer-Verlag.
Viet, D. Q., Yamamura, A., & Tanaka, H. (2005). Anonymous password-based authenticated key exchange. In Proceedings of INDOCRYPT 2005, series LNCS (Vol. 3797, pp. 244–257). Berlin: Springer-Verlag.
Author information
Authors and Affiliations
Corresponding author
Additional information
Part of this work was presented in a paper at WPMC08. This work was done while Hanane Fathi was at AIST RCIS.
Rights and permissions
About this article
Cite this article
Fathi, H., Shin, S., Kobara, K. et al. Purpose-restricted Anonymous Mobile Communications Using Anonymous Signatures in Online Credential Systems. Wireless Pers Commun 54, 225–236 (2010). https://doi.org/10.1007/s11277-009-9715-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-009-9715-2