Privacy protection in PKIs

A separation-of-authority approach

Taekyoung Kwon, Jung Hee Cheon, Yongdae Kim, Jae Il Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Due to the growing number of privacy infringement problems, there are increasing demands for privacy enhancing techniques on the Internet. In the PKIs, authorized entities such as CA and RA may become, from the privacy concerns, a big brother even unintentionally since they can always trace the registered users with regard to the public key certificates. In this paper, we investigate a practical method for privacy protection in the existing PKIs by separating the authorities, one for verifying ownership and the other for validating contents, in a blinded manner. The proposed scheme allows both anonymous and pseudonymous certificates to be issued and used in the existing infrastructures in the way that provides conditional traceability and revocability based on the threshold cryptography and selective credential show by exploiting the extension fields of X.509 certificate version 3.

Original languageEnglish
Title of host publicationInformation Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers
Pages297-311
Number of pages15
Publication statusPublished - 2007 Dec 1
Event7th International Workshop on Information Security Applications, WISA 2006 - Jeju Island, Korea, Republic of
Duration: 2006 Aug 282006 Aug 30

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4298 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other7th International Workshop on Information Security Applications, WISA 2006
CountryKorea, Republic of
CityJeju Island
Period06/8/2806/8/30

Fingerprint

Privacy Protection
Certificate
Cryptography
Privacy
Internet
Threshold Cryptography
Traceability
Field extension
Public key
Infrastructure
Trace

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Kwon, T., Cheon, J. H., Kim, Y., & Lee, J. I. (2007). Privacy protection in PKIs: A separation-of-authority approach. In Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers (pp. 297-311). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4298 LNCS).
Kwon, Taekyoung ; Cheon, Jung Hee ; Kim, Yongdae ; Lee, Jae Il. / Privacy protection in PKIs : A separation-of-authority approach. Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers. 2007. pp. 297-311 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{e5a64f2821c64625b91a74a8c7917fac,
title = "Privacy protection in PKIs: A separation-of-authority approach",
abstract = "Due to the growing number of privacy infringement problems, there are increasing demands for privacy enhancing techniques on the Internet. In the PKIs, authorized entities such as CA and RA may become, from the privacy concerns, a big brother even unintentionally since they can always trace the registered users with regard to the public key certificates. In this paper, we investigate a practical method for privacy protection in the existing PKIs by separating the authorities, one for verifying ownership and the other for validating contents, in a blinded manner. The proposed scheme allows both anonymous and pseudonymous certificates to be issued and used in the existing infrastructures in the way that provides conditional traceability and revocability based on the threshold cryptography and selective credential show by exploiting the extension fields of X.509 certificate version 3.",
author = "Taekyoung Kwon and Cheon, {Jung Hee} and Yongdae Kim and Lee, {Jae Il}",
year = "2007",
month = "12",
day = "1",
language = "English",
isbn = "9783540710929",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "297--311",
booktitle = "Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers",

}

Kwon, T, Cheon, JH, Kim, Y & Lee, JI 2007, Privacy protection in PKIs: A separation-of-authority approach. in Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4298 LNCS, pp. 297-311, 7th International Workshop on Information Security Applications, WISA 2006, Jeju Island, Korea, Republic of, 06/8/28.

Privacy protection in PKIs : A separation-of-authority approach. / Kwon, Taekyoung; Cheon, Jung Hee; Kim, Yongdae; Lee, Jae Il.

Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers. 2007. p. 297-311 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4298 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Privacy protection in PKIs

T2 - A separation-of-authority approach

AU - Kwon, Taekyoung

AU - Cheon, Jung Hee

AU - Kim, Yongdae

AU - Lee, Jae Il

PY - 2007/12/1

Y1 - 2007/12/1

N2 - Due to the growing number of privacy infringement problems, there are increasing demands for privacy enhancing techniques on the Internet. In the PKIs, authorized entities such as CA and RA may become, from the privacy concerns, a big brother even unintentionally since they can always trace the registered users with regard to the public key certificates. In this paper, we investigate a practical method for privacy protection in the existing PKIs by separating the authorities, one for verifying ownership and the other for validating contents, in a blinded manner. The proposed scheme allows both anonymous and pseudonymous certificates to be issued and used in the existing infrastructures in the way that provides conditional traceability and revocability based on the threshold cryptography and selective credential show by exploiting the extension fields of X.509 certificate version 3.

AB - Due to the growing number of privacy infringement problems, there are increasing demands for privacy enhancing techniques on the Internet. In the PKIs, authorized entities such as CA and RA may become, from the privacy concerns, a big brother even unintentionally since they can always trace the registered users with regard to the public key certificates. In this paper, we investigate a practical method for privacy protection in the existing PKIs by separating the authorities, one for verifying ownership and the other for validating contents, in a blinded manner. The proposed scheme allows both anonymous and pseudonymous certificates to be issued and used in the existing infrastructures in the way that provides conditional traceability and revocability based on the threshold cryptography and selective credential show by exploiting the extension fields of X.509 certificate version 3.

UR - http://www.scopus.com/inward/record.url?scp=38049165166&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38049165166&partnerID=8YFLogxK

M3 - Conference contribution

SN - 9783540710929

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 297

EP - 311

BT - Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers

ER -

Kwon T, Cheon JH, Kim Y, Lee JI. Privacy protection in PKIs: A separation-of-authority approach. In Information Security Applications - 7th International Workshop, WISA 2006 Revised Selected Papers. 2007. p. 297-311. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).