Secure & privacy-preserving eID systems with Attribute-Based Credentials

Badarinath Hampiholi, Brinda (2014) Secure & privacy-preserving eID systems with Attribute-Based Credentials.

Abstract: National electronic identification (eID) systems aim to provide universal, unique and reliable identification and authentication mechanisms to citizens. As ID documents are the carriers of a citizen's identity and personal data, the information leaving the cards must be restricted in order to prevent unwanted data disclosure, subsequent data misuse and loss of the citizen's privacy. The German eID system (nPA) is by far the most advanced and privacy-preserving eID solution that has been launched in Europe, as it has taken extra measures to protect its citizens' data and privacy; however, some security and privacy threats persist in nPA. In this thesis, we study the key concepts and security protocols used in nPA and identify its main threats. Furthermore, we explore Attribute-Based Credentials (ABC) by studying in detail I Reveal My Attributes (IRMA), a recent technology built upon the principles of ABC. IRMA is a partial implementation of the Idemix specification and mainly focusses on enhancing the security and privacy of identity management systems. IRMA makes use of zero-knowledge protocols to prove the validity of certain attributes of the eID cardholder while allowing the selective disclosure of attributes and supporting unlinkability features. We elaborate on the advantages of such ABCs that could be used to address the threats identified in nPA and propose a specific scheme that integrates IRMA authentication with nPA. Our proposal shows how to use IRMA in eID systems like nPA in order to overcome its prevalent shortcomings. The IRMA authentication provides better privacy, security and flexibility for the eID infrastructure. Finally, we discuss the performance of the smart-card implementation of IRMA credentials and present some use-cases that would benefit from the proposed eID scheme.
Item Type: Essay (Master)
Clients: NXP Semiconductors, Eindhoven, The Netherlands
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: http://purl.utwente.nl/essays/65593