short-paper

Real-World Identification: Towards a Privacy-Aware Mobile eID for Physical and Offline Verification

Authors:

Michael Hölzl,

Michael Roland,

René MayrhoferAuthors Info & Claims

MoMM '16: Proceedings of the 14th International Conference on Advances in Mobile Computing and Multi Media

Pages 280 - 283

https://doi.org/10.1145/3007120.3007158

Published: 28 November 2016 Publication History

Get Access

Abstract

There are many systems that provide users with an electronic identity (eID) to sign documents or authenticate to online services (e.g. governmental eIDs, OpenID). However, current solutions lack in providing proper techniques to use them as regular ID cards that digitally authenticate their holders to another physical person in the real world. We envision a fully mobile eID which provides such functionality in a privacy-preserving manner, fulfills requirements for governmental identities with high security demands (such as driving licenses, or passports) and can be used in the private domain (e.g. as loyalty cards). In this paper, we present potential use cases for such a flexible and privacy-preserving mobile eID and discuss the concept of privacy-preserving attribute queries. Furthermore, we formalize necessary functional, mobile, security, and privacy requirements, and present a brief overview of potential techniques to cover all of them.

References

[1]

J. Bringer, H. Chabanne, R. Lescuyer, and A. Patey. Efficient and Strongly Secure Dynamic Domain-Specific Pseudonymous Signatures for ID Documents. In Financial Cryptography and Data Security, pages 255--272. Springer, 2014.

Crossref

Google Scholar

[2]

J. Bringer, H. Chabanne, R. Lescuyer, and A. Patey. Hierarchical Identities from Group Signatures and Pseudonymous Signatures. In The New Codebreakers, pages 457--469. Springer, 2016.

Digital Library

Google Scholar

[3]

BSI. Kryptographische Verfahren: Empfehlungen und Schlüssellängen. Technical Report TR-02102-1 v2016-1, Feb. 2016.

Google Scholar

[4]

J. Camenisch and M. Stadler. Efficient group signature schemes for large groups. In Advances in Cryptology, CRYPTO '97, pages 410--424. Springer, Aug. 1997.

Digital Library

Google Scholar

[5]

D. Chaum and E. Van Heyst. Group signatures. In Advances in Cryptology, EUROCRYPT '91, pages 257--265. Springer, 1991.

Digital Library

Google Scholar

[6]

M. Hölzl, E. Asnake, R. Mayrhofer, and M. Roland. A Password-authenticated Secure Channel for App to Java Card Applet Communication. International Journal of Pervasive Computing and Communications (IJPCC), 11:374--397, Oct. 2015.

Crossref

Google Scholar

[7]

V. Kumar, H. Li, J.-M. J. Park, K. Bian, and Y. Yang. Group Signatures with Probabilistic Revocation: A Computationally-Scalable Approach for Providing Privacy-Preserving Authentication. In Proc. CCS 2015, pages 1334--1345. ACM, 2015.

Digital Library

Google Scholar

[8]

A. Lehmann et al. Survey and Analysis of Existing eID and Credential Systems. FutureID Deliverable D32.1, Apr. 2013.

Google Scholar

[9]

W. Lueks, G. Alpár, J.-H. Hoepman, and P. Vullers. Fast revocation of attribute-based credentials for both users and verifiers. In ICT Systems Security and Privacy Protection, pages 463--478. Springer, 2015.

Crossref

Google Scholar

[10]

H. K. Maji, M. Prabhakaran, and M. Rosulek. Attribute-Based Signatures. In Topics in Cryptology, CT-RSA 2011, pages 376--392. Springer, Feb. 2011.

Digital Library

Google Scholar

[11]

T. Nakanishi and N. Funabiki. Verifier-Local Revocation Group Signature Schemes with Backward Unlinkability from Bilinear Maps. In Advances in Cryptology, ASIACRYPT 2005, pages 533--548. Springer, Dec. 2005.

Digital Library

Google Scholar

[12]

T. Nyman, J.-E. Ekberg, and N. Asokan. Citizen electronic identities using TPM 2.0. In Proceedings of the 4th International Workshop on Trustworthy Embedded Devices, pages 37--48. ACM, 2014.

Digital Library

Google Scholar

Cited By

View all

Obiora Nweke L(2023)National Identification Systems As Enablers of Online IdentityOnline Identity - An Essential Guide [Working Title]10.5772/intechopen.1002294Online publication date: 18-Aug-2023
https://doi.org/10.5772/intechopen.1002294
Mir OMayrhofer RHölzl MNguyen T(2018)Recovery of Encrypted Mobile Device Backups from Partially Trusted Cloud ServersProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3232815(1-10)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3232815
Hölzl MRoland MMayrhofer R(2018)Real-World Identification for an Extensible and Privacy-Preserving Mobile eIDPrivacy and Identity Management. The Smart Revolution10.1007/978-3-319-92925-5_24(354-370)Online publication date: 9-Jun-2018
https://doi.org/10.1007/978-3-319-92925-5_24

Recommendations

Disposable dynamic accumulators: toward practical privacy-preserving mobile eIDs with scalable revocation
Abstract
Providing methods to anonymously validate user identity is essential in many applications of electronic identity (eID) systems. A feasible approach to realize such a privacy-preserving eID is the usage of group signature protocols or pseudonym-...
Bridging the gap in privacy-preserving revocation: practical and scalable revocation of mobile eIDs
SAC '18: Proceedings of the 33rd Annual ACM Symposium on Applied Computing

Providing methods to anonymously validate the user's identity is essential in many applications of electronic identity (eID) systems. A feasible approach to realize such a privacy-preserving eID is the usage of group signature protocols or pseudonym-...
‘A public key infrastructure model for privacy‐enhancing general purpose eIDs’

In this study, the authors propose a hybrid identity certificate – attribute certificate public key infrastructure (PKI) model with elements of anonymity, applicable to general purpose electronic identities, which aims to defend personal information ...

Comments

Information & Contributors

Information

Published In

MoMM '16: Proceedings of the 14th International Conference on Advances in Mobile Computing and Multi Media

November 2016

363 pages

ISBN:9781450348065

DOI:10.1145/3007120

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

@WAS: International Organization of Information Integration and Web-based Applications and Services

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 November 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

MoMM '16

MoMM '16: 14th International Conference on Advances in Mobile Computing and Multi Media

November 28 - 30, 2016

Singapore, Singapore

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
115
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Obiora Nweke L(2023)National Identification Systems As Enablers of Online IdentityOnline Identity - An Essential Guide [Working Title]10.5772/intechopen.1002294Online publication date: 18-Aug-2023
https://doi.org/10.5772/intechopen.1002294
Mir OMayrhofer RHölzl MNguyen T(2018)Recovery of Encrypted Mobile Device Backups from Partially Trusted Cloud ServersProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3232815(1-10)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3232815
Hölzl MRoland MMayrhofer R(2018)Real-World Identification for an Extensible and Privacy-Preserving Mobile eIDPrivacy and Identity Management. The Smart Revolution10.1007/978-3-319-92925-5_24(354-370)Online publication date: 9-Jun-2018
https://doi.org/10.1007/978-3-319-92925-5_24

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Disposable dynamic accumulators: toward practical privacy-preserving mobile eIDs with scalable revocation

Bridging the gap in privacy-preserving revocation: practical and scalable revocation of mobile eIDs

‘A public key infrastructure model for privacy‐enhancing general purpose eIDs’