Paper 2016/217

Practical backward unlinkable revocation in FIDO, German e-ID, Idemix and U-Prove

Eric R. Verheul

Abstract

FIDO, German e-ID, Idemix and U-Prove constitute privacy-enhanced public-key infrastructures allowing users to authenticate in an anonymous way. This however hampers timely revocation in a privacy friendly way. From a legal perspective, revocation typically should be effective within 24 hours after user reporting. It should also be backward unlinkable, i.e. user anonymity cannot be removed after revocation. We describe a new, generic revocation mechanism based on pairing based encryption and apply it to supplement the systems mentioned. This allows for both flexible and privacy friendly revocation. Protocol execution takes less than a quarter of a second on modern smartcards. An additional property is that usage after revocation is linkable, allowing users to identify fraudulent usage after revocation. Our technique is the first Verifier Local Revocation scheme with backwards unlinkable revocation for the systems mentioned. This also allows for a setup resembling the well-known Online Certificate Status Protocol (OCSP). Here the service provider sends a pseudonym to a revocation provider that returns its status. As the information required for this is not secret the status service can be distributed over many cloud services. In addition to the status service our technique also supports the publication of a central revocation list.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
ABCspairingsVerifier Local Revocation
Contact author(s)
Eric Verheul @ keycontrols nl
History
2016-02-29: received
Short URL
https://ia.cr/2016/217
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/217,
      author = {Eric R.  Verheul},
      title = {Practical backward unlinkable revocation in FIDO, German e-ID, Idemix and U-Prove},
      howpublished = {Cryptology ePrint Archive, Paper 2016/217},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/217}},
      url = {https://eprint.iacr.org/2016/217}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.