Conditionally Traceable Pseudonym Protocol based on Oblivious Transfer

Conditionally Traceable Pseudonym Protocol Based on OT (Oblivious Transfer)

  • Published : 2009.02.28

Abstract

Recently, there has been much research on anonymous credential systems that support user anonymity. However, these systems offer only a high security level, even though they must also be applicable to various applications that may require access control, conditional traceability, etc. As a new challenge to these systems, some research has been performed in which several entities store the link information that associates identities and pseudonyms with each other. In this paper, based on oblivious transfer, we suggest a new pseudonym protocol that solves the pseudonym exhaustion problem from which the original pseudonym retrieval protocol suffers. By using universal re-encryption and a one-way function, we can also achieve other requirements, such as pseudonym unlinkability from the outside.

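Anonymous credential systems are currently being widely studied for systems that support anonymity. However, in most cases these systems merely have a high security level and fail to satisfy the features required in real application environments, such as fine-grained access control and tracing when needed. As a new challenge to these systems, several studies have been conducted in which multiple participants separately store the link information between pseudonyms and real names. Building on one of these, a pseudonym retrieval protocol that uses oblivious transfer, this paper proposes a protocol that solves the pseudonym exhaustion problem and, by using re-encryption, a one-way function and so on, satisfies various other requirements such as the unlinkability of pseudonyms from the outside.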
