Cryptology ePrint Archive: Report 2013/795

Insecurity of An Anonymous Authentication For Privacy-preserving IoT Target-driven Applications

Xi-Jun Lin and Lin Sun

Abstract: The Internet of Things (IoT) will be formed by smart objects and services interacting autonomously and in real-time. Recently, Alcaide et al. proposed a fully decentralized anonymous authentication protocol for privacy-preserving IoT target-driven applications. Their system is set up by an ad-hoc community of decentralized founding nodes. Nodes can interact, being participants of cyberphysical systems, preserving full anonymity. In this study, we point out that their protocol is insecure. The adversary can cheat the data collectors by impersonating a legitimate user.

Category / Keywords: cryptographic protocols / Anonymous credential system; Fully decentralized protocol; Threshold cryptography; Zero-knowledge proof of knowledge; Smart community

Date: received 27 Nov 2013

Contact author: linxj77 at 163 com

Available format(s): PDF | BibTeX Citation

Version: 20131201:163405 (All versions of this report)

Short URL: ia.cr/2013/795

Discussion forum: Show discussion | Start new discussion