SlideShare ist ein Scribd-Unternehmen logo

Anonymous Credentials on Java Card - SIT Smartcard 2011

T
Thomas Gross

How anonymous credentials can enhance electronic identity cards with strong security and privacy. A feasibility study presented at the Fraunhofer SIT Smartcard workshop 2011

Technologie
1 von 25
Downloaden Sie, um offline zu lesen
Dr. Thomas Groß – Research Scientist 03 February 2011 Anonymous Credentials on Java Card Patrik Bichsel, Jan Camenisch, Thomas Groß, Victor Shoup 1 © 2009 IBM Corporation
Privacy Feasibility Way Ahead ￷ [Images from iStockPhoto.com] 2
Privacy Feasibility Way Ahead ￷ 3
“Neil Armstrong’s Footsteps are still there” (Robin Wilton, Sun Microsystems) ᄅ 4
IBM Presentation Template Full Version Anonymous Credentials: Attribute-based Access w/ Strong Security & Privacy 5 © 2011 IBM Corporation
Private Credentials: How to Build Them In the beginning...
State of the Art: How to Build Them asking for a credential
State of the Art: How to Build Them getting a credential ... containing “birth date = April 3, 1987”
State of the Art: How to Build Them showing a credential ... goes off-line - driver's license - insurance - older > 20
State of the Art: How to Build Them showing a credential ... containing statements “driver's license, age (as stated in driver’s license) > 20, and insurance” Using identity mixer, user can transform (different) token(s) into a new single one that, however, still verifies w.r.t. original signers' public keys.
Signature Scheme based on SRSA [CL01] Public key of signer: RSA modulus n and ai, b, d Є QRn Secret key: factors of n To sign k messages m1, ..., mk Є {0,1}ℓ :  choose random prime e > 2ℓ and integer s ≈ n  compute c such that m1 mk s e d = a ·...· a b c mod n 1 k  signature is (c,e,s) [SRSA CL-signature system introduced in Camenisch and Lysyanskaya '01. There exist alternative systems in elliptic curve settings, for instance with BBS-alike signatures.]
Signature Scheme based on SRSA [CL01] A signature (c,e,s) on messages m1, ..., mk is valid iff:  m1, ..., mk Є {0,1}ℓ:  e > 2ℓ m1 mk  d= a ·...· a bs ce mod n 1 k Theorem: Signature scheme is secure against adaptively chosen message attacks under Strong RSA assumption.
Proof of Knowledge of a CL Signature Solution randomize c : – Let c' = c bs'mod n with random s' then d = c'e a m1 mk – · ... · a bs* (mod n) holds, 1 k i.e., (c',e, s*) is a also a valid signature! Therefore, to prove knowledge of signature on hidden msgs:  provide c'  PK{(e, m1, ..., mk, s) : d = c'e a m1 · ... · a mk b s 1 k ∧ mi Є {0,1}ℓ ∧ e Є 2ℓ+1 ± {0,1}ℓ }
Privacy Feasibility Way Ahead ￷ 14
Vision: Smart Identity Card Strong accountability and privacy Sustainable secondary use Trusted identity basis Cost effective Future-proof [Card picture is an artists conception: the chip of the actual JCOP 41/v.2.2 Java Card used for the feasibility study is on the backside.] © 2011 IBM Corporation
IBM Presentation Template Full Version [Independent proof point: Feasibility Problem Sterckx, Gierlichs, Preneel, Verbauwhede ‘09] Run anonymous credential system autonomously and securely on a standard off-the-shelf Java Card. Autonomy All data on card Malicious terminal 16 © 2011 IBM Corporation
IBM Presentation Template Full Version Java Card* Limitations § 8-bit CPU (3.57 MHz) § Limited access to public key-CP (only standard RSA, DSA) § Limited RAM (2K) *: JCOP 41/v2.2 17 © 2011 IBM Corporation
IBM Presentation Template Full Version Java Card Structure IDMX Applet Basic Ops interface Card Java Card API Manager Java Card VM Card-Specific Operating System 8-bit CPU 3DES CP Public Key CP [Source: Prof. Wolfgang Reif – chip cards] 18 © 2011 IBM Corporation
System Overview User PC User interacts/ Browser request: policy/ Backend consents response: proof to policy (Server) Identity Wallet Identity Mixer Validation request: policy/ pkI response: proof Validates proofs with Key Point issuer’s public key Transforms inserts/owns certificates Smart ID Card in privacy- Identity Mixer preserving identity proof statements skU certificates Maintains master key and certificates confidential Won the Innovation Award 2009 (Gesellschaft für Informatik, GI) Secure Javacard 19 © 2011 IBM Corporation
IBM Presentation Template Full Version Execution Times for a Full Proof (incl. Communication) Modulus 1280 bit 1536 bit 1984 bit Precomputation 5203 ms 7828 ms 13250 ms Compute A’ 2125 ms 2906 ms 5000 ms Compute T1 3078 ms 4922 ms 8250 ms Policy-dependent 2234 ms 2625 ms 3298 ms Compute 1 562 ms 656 ms 828 ms response Total 7437 ms 10453 ms 16548 ms [Avg. performance measurements with 100 experiments on JCOP 41/v2.2. A': credential blinding, T1: first stage of Sigma-proof commitment, response: Sigma-proof response] 20 © 2011 IBM Corporation
Privacy Technology Way Ahead ￷ 21
IBM Presentation Template Full Version Just Launched ABC4Trust Project ■ EU FP 7 research project ■ 13.5 Million EUR, 4 years ■ 12 partners ● Goethe University Frankfurt Unabhängiges Landeszentrum für ● Datenschutz ● Alexandra Institute Eurodocs ● ●Research Academic Computer Technology Institute CryptoExperts (SmartCards) ● ● IBM Research Microsoft R&D France ● ● Lenio Municipality of Söderhamn ● ● Nokia Siemens Networks Technische Universität Darmstadt ● 22 © 2011 IBM Corporation
IBM Presentation Template Full Version ABC4Trust Goals Achieve paradigm shift and interoperability in trustworthy infrastructures ■ Establish abstraction and unification of different crypto algorithms. ■ Create interaction flows, architecture & data formats as well as policies. ■ Realize reference implementation. ■ Validate concepts by real-world pilots in the eID space. ■ Establish NG smart card implementation of anonymous credentials. –Realization by CryptoExperts, lead by Pascal Paillier. –Native SmartCard, direct access to crypto co-processor. 23 © 2011 IBM Corporation
Privacy Feasibility Way Ahead Anonymous Anonymous credentials: Technology credential future-proof feasible and systems to be solution to practical: harmonized, ￷ minimal efficiently integrated disclosure realizable on into identity and attribute smart cards management authentication systems 24
IBM Presentation Template Full Version Resources ■ This talk is based on P. Bichsel, J. Camenisch, T. Gross, V. Shoup. Anonymous Credentials on a Standard Java Card. ACM CCS 2009. Prof. V. Shoup is affiliated with the New York University and contributed to this work during a sabbatical at IBM Research – Zurich. ■ Identity Mixer Community: idemix.wordpress.com – Download Identity Mixer Library 2.3.2 – Read Identity Mixer Specification 2.3.2 – http://prime.inf.tu-dresden.de/idemix/ ■ PrimeLife: www.primelife.eu ■ ABC4Trust: www.abc4trust.de ■ Email Jan or Thomas: {jca, tgr}[at]zurich.ibm.com 25 © 2011 IBM Corporation

Empfohlen

CCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas GrossCCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas Gross
Thomas Gross
 
An Automation Support for Creating Configurable Process Models
An Automation Support for Creating Configurable Process ModelsAn Automation Support for Creating Configurable Process Models
An Automation Support for Creating Configurable Process Models
Wassim Derguech
 
SmartCard Forum 2008 - Gemalto
SmartCard Forum 2008 - GemaltoSmartCard Forum 2008 - Gemalto
SmartCard Forum 2008 - Gemalto
OKsystem
 
Designing and Attacking Virtual Machines (RSA 2004)
Designing and Attacking Virtual Machines (RSA 2004)Designing and Attacking Virtual Machines (RSA 2004)
Designing and Attacking Virtual Machines (RSA 2004)
Nate Lawson
 
ieee title
ieee titleieee title
ieee title
srikanthsailu
 
A Hardware Interface for Joint Control in the AD Architecture
A Hardware Interface for Joint Control in the AD ArchitectureA Hardware Interface for Joint Control in the AD Architecture
A Hardware Interface for Joint Control in the AD Architecture
Víctor Pacheco
 
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Wesley De Neve
 
Attribute-based Authentication
Attribute-based AuthenticationAttribute-based Authentication
Attribute-based Authentication
Thomas Gross
 

Empfohlen

CCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas GrossCCS’09: Smart Identity Card - Thomas Gross
CCS’09: Smart Identity Card - Thomas Gross
Thomas Gross
 
An Automation Support for Creating Configurable Process Models
An Automation Support for Creating Configurable Process ModelsAn Automation Support for Creating Configurable Process Models
An Automation Support for Creating Configurable Process Models
Wassim Derguech
 
SmartCard Forum 2008 - Gemalto
SmartCard Forum 2008 - GemaltoSmartCard Forum 2008 - Gemalto
SmartCard Forum 2008 - Gemalto
OKsystem
 
Designing and Attacking Virtual Machines (RSA 2004)
Designing and Attacking Virtual Machines (RSA 2004)Designing and Attacking Virtual Machines (RSA 2004)
Designing and Attacking Virtual Machines (RSA 2004)
Nate Lawson
 
ieee title
ieee titleieee title
ieee title
srikanthsailu
 
A Hardware Interface for Joint Control in the AD Architecture
A Hardware Interface for Joint Control in the AD ArchitectureA Hardware Interface for Joint Control in the AD Architecture
A Hardware Interface for Joint Control in the AD Architecture
Víctor Pacheco
 
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Towards a Better Understanding of Model-Free Semantic Concept Detection for A...
Wesley De Neve
 
Attribute-based Authentication
Attribute-based AuthenticationAttribute-based Authentication
Attribute-based Authentication
Thomas Gross
 
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas GrossCCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
Thomas Gross
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
Yiannis Hatzopoulos
 
Software Defined Data Centers - June 2012
Software Defined Data Centers - June 2012Software Defined Data Centers - June 2012
Software Defined Data Centers - June 2012
Brent Salisbury
 
Internet security
Internet securityInternet security
Internet security
Calicut University
 
CCNA Security - Chapter 7
CCNA Security - Chapter 7CCNA Security - Chapter 7
CCNA Security - Chapter 7
Irsandi Hasan
 
OpenStack and OpenFlow Demos
OpenStack and OpenFlow DemosOpenStack and OpenFlow Demos
OpenStack and OpenFlow Demos
Brent Salisbury
 
Scrambling For Video Surveillance
Scrambling For Video SurveillanceScrambling For Video Surveillance
Scrambling For Video Surveillance
Kobi Magnezi
 
The Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs DeveloperThe Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs Developer
beires
 
How to create your Smart Toy with bluemix & 7688 Duo board
How to create your Smart Toy with bluemix & 7688 Duo boardHow to create your Smart Toy with bluemix & 7688 Duo board
How to create your Smart Toy with bluemix & 7688 Duo board
湯米吳 Tommy Wu
 
Ch7 2ed
Ch7 2edCh7 2ed
Ch7 2ed
srinuy12mc24017
 
Using Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLoginUsing Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLogin
Novell
 
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVCUpgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
FPGA Central
 
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
IOSR Journals
 
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
TUESDAY Business Network
 
Ghl systems net matrix terminal line encryption 2009 2010
Ghl systems net matrix terminal line encryption 2009 2010Ghl systems net matrix terminal line encryption 2009 2010
Ghl systems net matrix terminal line encryption 2009 2010
Alex Tan
 
CPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisCPK Cryptosystem In Solaris
CPK Cryptosystem In Solaris
Zhi Guan
 
HighCloud Security CSA LA and Seattle chapter presentation
HighCloud Security CSA LA and Seattle chapter presentationHighCloud Security CSA LA and Seattle chapter presentation
HighCloud Security CSA LA and Seattle chapter presentation
HighCloud Security
 
PKI in today's landscape (Mauritius - Siddick)
PKI in today's landscape (Mauritius - Siddick)PKI in today's landscape (Mauritius - Siddick)
PKI in today's landscape (Mauritius - Siddick)
Siddick Elaheebocus
 
Identity and Access Management and electronic Identities _ Belgian Federal Go...
Identity and Access Management and electronic Identities _ Belgian Federal Go...Identity and Access Management and electronic Identities _ Belgian Federal Go...
Identity and Access Management and electronic Identities _ Belgian Federal Go...
E-Government Center Moldova
 
ICPC11c.ppt
ICPC11c.pptICPC11c.ppt
ICPC11c.ppt
Ptidej Team
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

Weitere ähnliche Inhalte

Ähnlich wie Anonymous Credentials on Java Card - SIT Smartcard 2011

eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
Yiannis Hatzopoulos
 
CCNA Security - Chapter 7
CCNA Security - Chapter 7CCNA Security - Chapter 7
CCNA Security - Chapter 7
Irsandi Hasan
 
Scrambling For Video Surveillance
Scrambling For Video SurveillanceScrambling For Video Surveillance
Scrambling For Video Surveillance
Kobi Magnezi
 
The Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs DeveloperThe Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs Developer
beires
 
Using Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLoginUsing Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLogin
Novell
 
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVCUpgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
FPGA Central
 
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
TUESDAY Business Network
 
CPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisCPK Cryptosystem In Solaris
CPK Cryptosystem In Solaris
Zhi Guan
 

Ähnlich wie Anonymous Credentials on Java Card - SIT Smartcard 2011 (20)

CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas GrossCCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
CCS\'08: Efficient Attributes For Anonymous Credentials - Thomas Gross
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
 
Software Defined Data Centers - June 2012
Software Defined Data Centers - June 2012Software Defined Data Centers - June 2012
Software Defined Data Centers - June 2012
 
Internet security
Internet securityInternet security
Internet security
 
CCNA Security - Chapter 7
CCNA Security - Chapter 7CCNA Security - Chapter 7
CCNA Security - Chapter 7
 
OpenStack and OpenFlow Demos
OpenStack and OpenFlow DemosOpenStack and OpenFlow Demos
OpenStack and OpenFlow Demos
 
Scrambling For Video Surveillance
Scrambling For Video SurveillanceScrambling For Video Surveillance
Scrambling For Video Surveillance
 
The Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs DeveloperThe Belgian E Id Hacker Vs Developer
The Belgian E Id Hacker Vs Developer
 
How to create your Smart Toy with bluemix & 7688 Duo board
How to create your Smart Toy with bluemix & 7688 Duo boardHow to create your Smart Toy with bluemix & 7688 Duo board
How to create your Smart Toy with bluemix & 7688 Duo board
 
Ch7 2ed
Ch7 2edCh7 2ed
Ch7 2ed
 
Using Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLoginUsing Hard Disk Encryption and Novell SecureLogin
Using Hard Disk Encryption and Novell SecureLogin
 
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVCUpgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
Upgrading to System Verilog for FPGA Designs, Srinivasan Venkataramanan, CVC
 
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
“Proposed Model for Network Security Issues Using Elliptical Curve Cryptography”
 
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
Zranitelnost čipových platebních karet jako příklad on-line hrozby - Tomáš Ro...
 
Ghl systems net matrix terminal line encryption 2009 2010
Ghl systems net matrix terminal line encryption 2009 2010Ghl systems net matrix terminal line encryption 2009 2010
Ghl systems net matrix terminal line encryption 2009 2010
 
CPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisCPK Cryptosystem In Solaris
CPK Cryptosystem In Solaris
 
HighCloud Security CSA LA and Seattle chapter presentation
HighCloud Security CSA LA and Seattle chapter presentationHighCloud Security CSA LA and Seattle chapter presentation
HighCloud Security CSA LA and Seattle chapter presentation
 
PKI in today's landscape (Mauritius - Siddick)
PKI in today's landscape (Mauritius - Siddick)PKI in today's landscape (Mauritius - Siddick)
PKI in today's landscape (Mauritius - Siddick)
 
Identity and Access Management and electronic Identities _ Belgian Federal Go...
Identity and Access Management and electronic Identities _ Belgian Federal Go...Identity and Access Management and electronic Identities _ Belgian Federal Go...
Identity and Access Management and electronic Identities _ Belgian Federal Go...
 
ICPC11c.ppt
ICPC11c.pptICPC11c.ppt
ICPC11c.ppt
 

Kürzlich hochgeladen

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Kürzlich hochgeladen (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

Anonymous Credentials on Java Card - SIT Smartcard 2011

  • 1. Dr. Thomas Groß – Research Scientist 03 February 2011 Anonymous Credentials on Java Card Patrik Bichsel, Jan Camenisch, Thomas Groß, Victor Shoup 1 © 2009 IBM Corporation
  • 2. Privacy Feasibility Way Ahead ￷ [Images from iStockPhoto.com] 2
  • 3. Privacy Feasibility Way Ahead ￷ 3
  • 4. “Neil Armstrong’s Footsteps are still there” (Robin Wilton, Sun Microsystems) ᄅ 4
  • 5. IBM Presentation Template Full Version Anonymous Credentials: Attribute-based Access w/ Strong Security & Privacy 5 © 2011 IBM Corporation
  • 6. Private Credentials: How to Build Them In the beginning...
  • 7. State of the Art: How to Build Them asking for a credential
  • 8. State of the Art: How to Build Them getting a credential ... containing “birth date = April 3, 1987”
  • 9. State of the Art: How to Build Them showing a credential ... goes off-line - driver's license - insurance - older > 20
  • 10. State of the Art: How to Build Them showing a credential ... containing statements “driver's license, age (as stated in driver’s license) > 20, and insurance” Using identity mixer, user can transform (different) token(s) into a new single one that, however, still verifies w.r.t. original signers' public keys.
  • 11. Signature Scheme based on SRSA [CL01] Public key of signer: RSA modulus n and ai, b, d Є QRn Secret key: factors of n To sign k messages m1, ..., mk Є {0,1}ℓ :  choose random prime e > 2ℓ and integer s ≈ n  compute c such that m1 mk s e d = a ·...· a b c mod n 1 k  signature is (c,e,s) [SRSA CL-signature system introduced in Camenisch and Lysyanskaya '01. There exist alternative systems in elliptic curve settings, for instance with BBS-alike signatures.]
  • 12. Signature Scheme based on SRSA [CL01] A signature (c,e,s) on messages m1, ..., mk is valid iff:  m1, ..., mk Є {0,1}ℓ:  e > 2ℓ m1 mk  d= a ·...· a bs ce mod n 1 k Theorem: Signature scheme is secure against adaptively chosen message attacks under Strong RSA assumption.
  • 13. Proof of Knowledge of a CL Signature Solution randomize c : – Let c' = c bs'mod n with random s' then d = c'e a m1 mk – · ... · a bs* (mod n) holds, 1 k i.e., (c',e, s*) is a also a valid signature! Therefore, to prove knowledge of signature on hidden msgs:  provide c'  PK{(e, m1, ..., mk, s) : d = c'e a m1 · ... · a mk b s 1 k ∧ mi Є {0,1}ℓ ∧ e Є 2ℓ+1 ± {0,1}ℓ }
  • 14. Privacy Feasibility Way Ahead ￷ 14
  • 15. Vision: Smart Identity Card Strong accountability and privacy Sustainable secondary use Trusted identity basis Cost effective Future-proof [Card picture is an artists conception: the chip of the actual JCOP 41/v.2.2 Java Card used for the feasibility study is on the backside.] © 2011 IBM Corporation
  • 16. IBM Presentation Template Full Version [Independent proof point: Feasibility Problem Sterckx, Gierlichs, Preneel, Verbauwhede ‘09] Run anonymous credential system autonomously and securely on a standard off-the-shelf Java Card. Autonomy All data on card Malicious terminal 16 © 2011 IBM Corporation
  • 17. IBM Presentation Template Full Version Java Card* Limitations § 8-bit CPU (3.57 MHz) § Limited access to public key-CP (only standard RSA, DSA) § Limited RAM (2K) *: JCOP 41/v2.2 17 © 2011 IBM Corporation
  • 18. IBM Presentation Template Full Version Java Card Structure IDMX Applet Basic Ops interface Card Java Card API Manager Java Card VM Card-Specific Operating System 8-bit CPU 3DES CP Public Key CP [Source: Prof. Wolfgang Reif – chip cards] 18 © 2011 IBM Corporation
  • 19. System Overview User PC User interacts/ Browser request: policy/ Backend consents response: proof to policy (Server) Identity Wallet Identity Mixer Validation request: policy/ pkI response: proof Validates proofs with Key Point issuer’s public key Transforms inserts/owns certificates Smart ID Card in privacy- Identity Mixer preserving identity proof statements skU certificates Maintains master key and certificates confidential Won the Innovation Award 2009 (Gesellschaft für Informatik, GI) Secure Javacard 19 © 2011 IBM Corporation
  • 20. IBM Presentation Template Full Version Execution Times for a Full Proof (incl. Communication) Modulus 1280 bit 1536 bit 1984 bit Precomputation 5203 ms 7828 ms 13250 ms Compute A’ 2125 ms 2906 ms 5000 ms Compute T1 3078 ms 4922 ms 8250 ms Policy-dependent 2234 ms 2625 ms 3298 ms Compute 1 562 ms 656 ms 828 ms response Total 7437 ms 10453 ms 16548 ms [Avg. performance measurements with 100 experiments on JCOP 41/v2.2. A': credential blinding, T1: first stage of Sigma-proof commitment, response: Sigma-proof response] 20 © 2011 IBM Corporation
  • 21. Privacy Technology Way Ahead ￷ 21
  • 22. IBM Presentation Template Full Version Just Launched ABC4Trust Project ■ EU FP 7 research project ■ 13.5 Million EUR, 4 years ■ 12 partners ● Goethe University Frankfurt Unabhängiges Landeszentrum für ● Datenschutz ● Alexandra Institute Eurodocs ● ●Research Academic Computer Technology Institute CryptoExperts (SmartCards) ● ● IBM Research Microsoft R&D France ● ● Lenio Municipality of Söderhamn ● ● Nokia Siemens Networks Technische Universität Darmstadt ● 22 © 2011 IBM Corporation
  • 23. IBM Presentation Template Full Version ABC4Trust Goals Achieve paradigm shift and interoperability in trustworthy infrastructures ■ Establish abstraction and unification of different crypto algorithms. ■ Create interaction flows, architecture & data formats as well as policies. ■ Realize reference implementation. ■ Validate concepts by real-world pilots in the eID space. ■ Establish NG smart card implementation of anonymous credentials. –Realization by CryptoExperts, lead by Pascal Paillier. –Native SmartCard, direct access to crypto co-processor. 23 © 2011 IBM Corporation
  • 24. Privacy Feasibility Way Ahead Anonymous Anonymous credentials: Technology credential future-proof feasible and systems to be solution to practical: harmonized, ￷ minimal efficiently integrated disclosure realizable on into identity and attribute smart cards management authentication systems 24
  • 25. IBM Presentation Template Full Version Resources ■ This talk is based on P. Bichsel, J. Camenisch, T. Gross, V. Shoup. Anonymous Credentials on a Standard Java Card. ACM CCS 2009. Prof. V. Shoup is affiliated with the New York University and contributed to this work during a sabbatical at IBM Research – Zurich. ■ Identity Mixer Community: idemix.wordpress.com – Download Identity Mixer Library 2.3.2 – Read Identity Mixer Specification 2.3.2 – http://prime.inf.tu-dresden.de/idemix/ ■ PrimeLife: www.primelife.eu ■ ABC4Trust: www.abc4trust.de ■ Email Jan or Thomas: {jca, tgr}[at]zurich.ibm.com 25 © 2011 IBM Corporation