Cryptology ePrint Archive: Report 2014/067

Efficient and Strongly Secure Dynamic Domain-Specific Pseudonymous Signatures for ID Documents

Julien Bringer and Hervé Chabanne and Roch Lescuyer and Alain Patey

Abstract: The notion of domain-specific pseudonymous signatures (DSPS) has recently been introduced for private authentication of ID documents, like passports, that embed a chip with computational abilities. Thanks to this privacy-friendly primitive, the document authenticates to a service provider through a reader and the resulting signatures are anonymous, linkable inside the service and unlinkable across services. A subsequent work proposes to enhance security and privacy of DSPS through group signatures techniques. In this paper, we improve on these proposals in three ways. First, we spot several imprecisions in previous formalizations. We consequently provide a clean security model for \emph{dynamic domain-specific pseudonymous signatures}, where we correctly address the dynamic and adaptive case. Second, we note that using group signatures is somehow an overkill for constructing DSPS, and we provide an optimized construction that achieves the same strong level of security while being more efficient. Finally, we study the implementation of our protocol in a chip and show that our solution is well-suited for these limited environments. In particular, we propose a secure protocol for delegating the most demanding operations from the chip to the reader.

Category / Keywords: public-key cryptography / ID documents, Privacy-enhancing cryptography, Domain-specific pseudonymous signatures

Original Publication (with minor differences): FINANCIAL CRYPTOGRAPHY AND DATA SECURITY 2014

Date: received 30 Jan 2014, last revised 11 Mar 2016

Contact author: roch lescuyer at morpho com

Available format(s): PDF | BibTeX Citation

Version: 20160311:190837 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]