Privacy-Preserving Credentials Upon Trusted Computing Augmented Servers
Conference Proceeding Article
Credentials are an indispensable means for service access control in electronic commerce. However, regular credentials such as X.509 certificates and SPKI/SDSI certificates do not address user privacy at all, while anonymous credentials that protect user privacy are complex and have compatibility problems with existing PKIs. In this paper we propose privacy-preserving credentials, a concept between regular credentials and anonymous credentials. The privacy-preserving credentials enjoy the advantageous features of both regular credentials and anonymous credentials, and strike a balance between user anonymity and system complexity. We achieve this by employing computer servers equipped with TPMs (Trusted Platform Modules). We present a detailed construction for ElGamal encryption credentials. We also present XML-based specification for the privacy-preserving credentials.
Information Security and Trust
Information Security Practice and Experience: Third International Conference, ISPEC 2007, Hong Kong, China, May 7-9: Proceedings
City or Country
YANG, Yanjiang; DENG, Robert H.; and Bao, Feng.
Privacy-Preserving Credentials Upon Trusted Computing Augmented Servers. (2007). Information Security Practice and Experience: Third International Conference, ISPEC 2007, Hong Kong, China, May 7-9: Proceedings. 4464, 177-192. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/388