Designing Anonymous Applications with Accountability Using idemix Anonymous Credentials

Anonymous credential systems allow anonymous yet authenticated and accountable transactions between users and service providers. As such, they represent a powerful technique for protecting users' privacy when conducting Internet transactions. In this report, we show how to design privacy-friendly yet secure and accountable applications using the idemix anonymous credential system introduced in [1], based on protocols developed in [2]. In order to facilitate such design, we describe authentication, accountability and linkability features of the various idemix protocols as assertions on their in- and output parameter values. Using these assertions, we demonstrate the design of an application using idemix credentials based on the application's authentication, accountability and unidentifiability requirements.

[1] J. Camenisch and E. Van Herreweghen, Proc. 9th ACM CCS Conf., pp. 21-30 (ACM, 2002).
[2] J. Camenisch and A. Lysyanskaya, LNCS, vol. 2045, pp. 93-118 (Springer-Verlag, 2001).

By: Els Van Herreweghen

Published in: RZ3526 in 2004

LIMITED DISTRIBUTION NOTICE:

This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.

rz3526.pdf

Questions about this service can be mailed to reports@us.ibm.com .