Certified Pseudonym Colligated with Master Secret Key

Vijay Pasupathinathan Macquarie University, Sydney.
joint work with
Josef Pieprzyk, Macquarie University, Sydney,
and Huaxiong Wang, NTU, Singapore.
Outline
๏ Introduction
๏ Why a new system?
๏ Contribution
๏ How to achieve it?
๏ Anonymous Certification Systems
๏ Proposed Protocol
๏ Assumptions
๏ Protocol settings
๏ Security
๏ Applications, Advantages and open problems
What is a Pseudonym?
A mechanism to hide a user’s identity by providing anonymity,
while still being suitable to authenticate the holder of the
pseudonym in a communication system. (Chaum, 1985).
How are they achieved?
๏ Chaum and Evertse (1986) developed a pseudonym
system and proposed an RSA based implementation
while relying on a trusted centre who must sign all
credentials.
๏ Chen (1995) extended the scheme and presented its
discrete-logarithm version that relies on a trusted centre.

๏ However, these schemes have a common
weakness. Although the identity of the user is
hidden, the credentials (such as certificates of
his/her public key) or pseudonyms can be
easily shared (unauthorised transfer) with other
users.
How are they achieved? part 2
๏ Based on the security of preserving a high-value (master) secret key,
Canetti et al. (2000) and Lysyanskaya et al. (1999)
independently proposed non-transferable pseudonym systems.
๏ Security is also based on the idea of “forcing a user to reveal
the master secret key if they choose to share their credentials”.
๏ The problem is that during the registration phase, users are required
to disclose their true identity (master public key) to a CA.
๏ This makes them prone to collusion between a CA and a verifier.
What do we want!
๏ Pseudonym system based on a single trusted master
secret-public key pair.
๏ Pseudonyms should be independent of the master
public key. (Anonymity)
๏ Ability to generate multiple pseudonyms easily from a
single trusted secret-key. (Colligation)
๏ Verifiable using certificates that were issued against
pseudonyms.
Desired System (diagram)
The User holds a trusted master key pair SK0/PK0. From SK0 the user derives
Pseudonym 1 (PK 1), Pseudonym 2 (PK 2), ..., Pseudonym i (PK i), ..., Pseudonym n (PK n).
The Certifier issues Cert<PK1>, Cert<PK2>, ....., Cert<PKn> against the pseudonyms.

Desired System (diagram)
The User (trusted SK0/PK0) signs a message with SK0, giving SK0{M}. The Certifier has
issued Cert<PK1> on PK 1. The Verifier verifies the message using PK1 and Cert<PK1>;
the link from PK 1 back to SK0/PK0 is marked “?” (it is not visible to the verifier).
Think as group signatures looking through a mirror!
Proposed Protocol
๏ Make use of an ACS (to certify pseudonyms)
๏ Make use of squaring (to provide colligation)
๏ There exists an underlying link between all pseudonyms
and the root secret key.
Anonymous Certification System
๏ An anonymous certification system (ACS) represents the
certification process of a public key by a certifier who
does not know the public key.
๏ This could essentially be a blind signature on the public
key of the user.
๏ That is, it provides anonymity to the receiver.
๏ Whereas group signature schemes as employed by provide
anonymity to the source.
Anonymous Certification System
๏ Consists of four (4) entities: a user, a verifier, a certifier and a
trustee (tracer).
๏ The protocol suite includes:
๏ a certification protocol, where a user interacts with the certifier to
obtain a certified pseudonym, i.e., the pseudonym is blindly
signed;
๏ an identification protocol, where the verifier interacts with the user to
authenticate the user's credential and provide services;
๏ a trace protocol, where the trustee participates and is invoked to
trace the real identity associated with the user's pseudonym.
Security Assumptions
๏ Factoring: the probability that any probabilistic
polynomial-time algorithm can factor a composite
formed from two primes is negligible.
๏ Square Root: the probability that a probabilistic
polynomial-time algorithm can output b such that $b^2 \equiv a \pmod N$,
where $a \in QR_N$, is negligible.
๏ Square Decisional Diffie-Hellman (SDDH): distinguish between
distributions of the form $(g, g^a, g^{a^2})$ and $(g, g^a, g^r)$,
where r is random and uniformly chosen. We assume
that there is no probabilistic polynomial-time algorithm
that can solve a random instance of the SDDH problem.
The U master public-secret key-pair is generated
as in Section 2.1.1. U then obtains a certificate on the
master public key $PK_{U_0}$ from a certification authority
C, which represents U's true identity.
The public key of the certification authority is
$PK_C = g^{SK_C}$ and that of the trustee is $PK_T = g^{SK_T}$, where
$SK_C$ and $SK_T$ are the corresponding secret keys of
the certification authority and the trustee respectively.

Identity Generation
๏ U generates new identities using the following key
generation process, which takes the inputs:
๏ $N_j$, g,
๏ a counter value i (indicating the total number of new identities being
generated),
๏ identity level l (number of identities generated previously),
๏ and the master secret key $SK_{U_0}$.

3.2 Identity Generation
I-Generation(g, i, l, $SK_{U_0}$)
    For j = l, ..., i do $PK_{U_j} = g^{SK_{U_0}^{2^j}} \bmod N_j$ EndFor
    Return($PK_{U_l}$, ..., $PK_{U_j}$)

During the first run the value of identity level l
The master public key is certified by the manufacturer,
and the following describes the certification of the
pseudonyms.
Certification
๏ A modified certification scheme based on the blind signature
scheme by (Pointcheval, 2000).
๏ The signature scheme now includes the master public key of the
user, which is used by the certifier to form the
commitment and is later verified by the user.

The user, U, generates pseudonyms of the form
$(PK_{U_1}, \ldots, PK_{U_l})$ using the identity generation process
described in Section 3.2. The user then identifies
himself/herself (using the master public key) to the
certifier and engages in a certify protocol to obtain a
certificate on a pseudonym $PK_{U_i}$. The value of $PK_{U_i}$ is
never revealed to the certifier. We shall express this
phase as

$(PK_{U_i}, CERT_C\langle PK_{U_i}\rangle) \leftarrow Certify(U, C, CERT_C\langle PK_{U_0}\rangle)$

i.e. “U engages in the certify protocol with C using
$CERT_C\langle PK_{U_0}\rangle$ to obtain a certificate on $PK_{U_i}$, i.e.
$CERT_C\langle PK_{U_i}\rangle$”.

But certain applications (e.g. applications in a TPM) require the
new identities to be protected even from the certifier. So, we
propose a modification to the certification scheme based on a
blind signature scheme using a composite modulus by
(Pointcheval, 2000). The blind signature scheme now includes
the master public key of the user, which is used by the
certifier to form the commitment and is later verified
by the user.

Figure 1: Modified Blind Certification Protocol of (Pointcheval, 2000)
(protocol diagram between the User and the Certifier; only the following
relations survive extraction). The user encrypts the master public key under
the trustee's key, $(X, Y) = EncElg_{PK_T}(PK_{U_0}, s)$, and binds it into the
hash $\delta = \mathcal{H}(PK_{U_i} \| (X, Y) \| \alpha)$. The signature on $PK_{U_i}$
is $(\alpha, \delta, \rho)$ and a receiver can verify it using the relation
$\alpha = g^{\rho} PK_C^{\delta}$.
Identification Protocol
๏ Based on the optimised identification scheme of (Pointcheval, 2000).
๏ Now also includes a DLEQ (discrete-logarithm equality) proof over the
ElGamal ciphertext (X, Y) of the identity under $PK_T$.

2.1.3 Protocol Identify
A user U who wishes to avail services offered by a
verifier V engages in an identification protocol to convince
V that he/she possesses the necessary credentials.
We shall express this phase as

$\langle PROOF_{U_i}\rangle \leftarrow Identify(U, V, PK_{U_i}, CERT_C\langle PK_{U_i}\rangle)$

i.e. “U engages in an identification protocol with
a verifier V using the pseudonym $PK_{U_i}$ and
$CERT_C\langle PK_{U_i}\rangle$, and $\langle PROOF_{U_i}\rangle$ contains the encryption of
the identity under the public key $PK_T$”.

Figure 2: Identification Protocol
User: choose $k, w \in_R \mathbb{Z}_{N_i}$; compute $a_1 = g^w$, $a_2 = (PK_T \cdot PK_{U_0})^w$, $h = \mathcal{H}(g^{2k})$.
User → Verifier: $h, (a_1, a_2), (X, Y)$
Verifier: choose $c_1 \in_R \mathbb{Z}_{N_i}$; compute $c_2 = \mathcal{H}(X, Y, a_1, a_2)$.
Verifier → User: $c_1, c_2$
User: compute $z_1 = 2k - c_1 \cdot SK_{U_0}^{2^i}$ and $z_2 = w - s \cdot c_2$.
User → Verifier: $z_1, z_2, CERT_C\langle PK_{U_i}\rangle$
Verifier: verify $CERT_C\langle PK_{U_i}\rangle$ and obtain $(\alpha, \delta)$; compute
$\delta' = \mathcal{H}(PK_{U_i} \| (X, Y) \| \alpha)$ and check $\delta' \stackrel{?}{=} \delta$,
$a_1 \stackrel{?}{=} g^{z_2} X^{c_2}$, $a_2 \stackrel{?}{=} PK_T^{z_2} Y^{c_2}$ and
$h \stackrel{?}{=} \mathcal{H}(g^{z_1} PK_{U_i}^{c_1})$.
Tracing Protocol
๏ Invoked by a verifier after a user has misused a pseudonym.
๏ The verifier provides proof of the user's participation.
๏ The trustee can reveal the user's master public key.

2.1.4 Protocol Trace
A verifier who needs to trace the identity of the user
contacts the trustee T by providing the transcript
from an identification protocol $\langle PROOF_{U_i}\rangle$. The protocol runs
between the verifier V and the trustee T. To trigger
the protocol V has to provide proof of protocol participation by U.
We shall express this phase as

$(PK_{U_0}) \leftarrow Trace(V, T, PK_{U_i}, CERT_C\langle PK_{U_i}\rangle, \langle PROOF_{U_i}\rangle)$

i.e. “V engages in the tracing protocol with T using
the values $PK_{U_i}$, $CERT_C\langle PK_{U_i}\rangle$ and the proof of identity
use $\langle PROOF_{U_i}\rangle$ to obtain the master identity $PK_{U_0}$”.

Figure 3: Tracing Protocol
Verifier: compute $\sigma = SIGN_V\langle c, z, h\rangle$.
Verifier → Trustee: $\sigma, \alpha, \delta, \rho, PK_{U_i}, PK_C, CERT_C\langle PK_{U_i}\rangle$
Trustee: $VERIFY_{PK_V}\langle\sigma\rangle$; check $h \stackrel{?}{=} \mathcal{H}(g^{z} PK_{U_i}^{c})$ and
$\alpha \stackrel{?}{=} g^{\rho} PK_C^{\delta}$; verify $CERT_C\langle PK_{U_i}\rangle$;
obtain (X, Y) from $\langle PROOF_{U_i}\rangle$; $PK_{U_0} = DecElg_{SK_T}(X, Y)$.

4 SECURITY
4.1 Adversary Goals
We assume an active adversary A, who is capable of
eavesdropping and injecting messages in the communication
medium. We also assume that an adversary
may also be a legitimate (but dishonest) participant
in a protocol, i.e. either the certifier or the verifier or
both may be dishonest.
As in (Damgard, 1988; Lysyanskaya et al., 1999),
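A toy Python model of I-Generation, of the h / c1 / z1 proof-of-knowledge step of Figure 2, and of the trustee's DecElg step of Figure 3, added here as an example (it is not the authors' code). It assumes a small constructed composite modulus, SHA-256 as the hash H, unreduced integer exponents, and leaves out the certificate check and the DLEQ sub-proof of Figure 2.

```python
"""Toy model of squaring-based pseudonym colligation plus identification and tracing.
Added example, not the authors' code. Parameters below are constructed and insecure."""
import hashlib

# Constructed toy parameters (NOT secure): the slides call for a ~4096-bit composite modulus.
P, Q = 1000003, 1000033
N = P * Q
G = 3  # assumed base element; gcd(3, N) = 1, so negative exponents are well defined mod N


def H(*parts: int) -> int:
    """Hash H modelled (assumption) as SHA-256 over the '|'-joined decimal encoding of its inputs."""
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def pseudonym_exponent(sk0: int, j: int) -> int:
    """Secret exponent of identity level j: SK_U0^(2^j), obtained by squaring j times.
    Repeated squaring is the colligation link between every pseudonym and the master key."""
    x = sk0
    for _ in range(j):
        x = x * x
    return x


def i_generation(g: int, i: int, l: int, sk0: int, n: int = N) -> list:
    """I-Generation(g, i, l, SK_U0): return (PK_U_l, ..., PK_U_i), PK_U_j = g^(SK_U0^(2^j)) mod N."""
    return [pow(g, pseudonym_exponent(sk0, j), n) for j in range(l, i + 1)]


# --- ElGamal escrow of the master public key under the trustee's key PK_T ---

def elgamal_encrypt(pk_t: int, msg: int, s: int, g: int = G, n: int = N):
    """(X, Y) = EncElg_PK_T(msg, s): X = g^s, Y = PK_T^s * msg (mod N)."""
    return pow(g, s, n), (pow(pk_t, s, n) * msg) % n


def elgamal_decrypt(sk_t: int, X: int, Y: int, n: int = N) -> int:
    """DecElg_SK_T(X, Y) = Y * X^(-SK_T) (mod N); this is the trustee's Trace step."""
    return (Y * pow(X, -sk_t, n)) % n


# --- Identification core of Figure 2 (the h / c1 / z1 part only) ---

def prover_commit(k: int, g: int = G, n: int = N) -> int:
    """User: h = H(g^(2k)) for a fresh k."""
    return H(pow(g, 2 * k, n))


def prover_respond(k: int, c1: int, sk0: int, i: int) -> int:
    """User: z1 = 2k - c1 * SK_U0^(2^i). Exponents are kept as plain integers in this toy."""
    return 2 * k - c1 * pseudonym_exponent(sk0, i)


def verifier_check(h: int, c1: int, z1: int, pk_i: int, g: int = G, n: int = N) -> bool:
    """Verifier: h == H(g^z1 * PK_U_i^c1). With an honest z1 the product collapses to g^(2k)."""
    return h == H((pow(g, z1, n) * pow(pk_i, c1, n)) % n)


def run_identification(sk0: int, i: int, pk_t: int, k: int, s: int, c1: int):
    """One identification run for pseudonym level i against verifier challenge c1.
    Returns (accepted, (X, Y)); (X, Y) is the escrowed PK_U0 carried inside PROOF_U_i."""
    pk_i = i_generation(G, i, i, sk0)[0]
    X, Y = elgamal_encrypt(pk_t, pow(G, sk0, N), s)  # PK_U0 = g^SK_U0 encrypted under PK_T
    h = prover_commit(k)
    z1 = prover_respond(k, c1, sk0, i)
    return verifier_check(h, c1, z1, pk_i), (X, Y)


def trace(sk_t: int, X: int, Y: int) -> int:
    """Trustee recovers PK_U0 from the (X, Y) found in PROOF_U_i."""
    return elgamal_decrypt(sk_t, X, Y)


if __name__ == "__main__":
    sk0, sk_t = 123457, 9999              # constructed master secret and trustee secret
    pk_t = pow(G, sk_t, N)
    pks = i_generation(G, 4, 1, sk0)      # pseudonyms PK_U1 .. PK_U4 from one master secret
    ok, (X, Y) = run_identification(sk0, 3, pk_t, k=4242, s=777, c1=31337)
    print("pseudonyms:", pks)
    print("identification accepted:", ok)
    print("trace recovers PK_U0:", trace(sk_t, X, Y) == pow(G, sk0, N))
```

The pseudonyms are indistinguishable from random group elements to anyone without SK_U0, yet every level verifies against the same master secret; the trustee alone can undo the escrow.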
Security
๏ The proposal is secure against the following attacks (as identified by Damgard,
1988; Lysyanskaya et al., 1999):
๏ Pseudonym forgery: an adversary tries to forge a
pseudonym for some user.
๏ Identity compromise: an adversary, in association with
other participants, tries to obtain information regarding the
user's master public-secret key-pair.
๏ Pseudonym linking and colligation: an adversary tries to
obtain information that links a pair of pseudonyms to the
same user or to a user's master public key.
Application to TPM
๏ We are considering a TPM setting because of the tamper-resistant
protection offered to the master secret key, but the protocols
can be applied to other structures like directory-based services
(e.g. Active Directory, LDAP).
๏ The endorsement key (EK) in a TPM will be of the form (PK0, SK0).
๏ A user who wishes to obtain services from an application software on a
machine generates a pseudonym of the form (PKi, SKi).
๏ At the end of the protocol run the application software is provided a
guarantee on the identity of the user and the associated TPM, but the
system still protects the identity of both the TPM and the user
associated with it.
Advantages
๏ Compared to other pseudonym schemes, our scheme
has an efficient identification protocol.
๏ Computations may be performed on the module itself,
whereas the DAA scheme requires computation to be
distributed between the TPM and the host computer.
๏ There is no new secret key to be generated for each
pseudonym, only counter values of the pseudonym.
๏ No appreciable increase in storage requirement even
when the number of pseudonyms required is high.
๏ Ideally suited for storage-constrained devices.
What’s Missing? Future Work?
๏ Needs a strong composite modulus (maybe 4096 bits).
๏ The prime-modulus method is ruled out, as SDDH is trivial there.
๏ Every generated pseudonym needs to fall within the same
group as the master secret key.
๏ Identity transfer.
๏ Pseudonym chains cannot be formed (NOT YET!).
๏ That is, using PK1 to generate new pseudonyms, but still
verifiable using SK0.
Thank You
vijay@cprotocol.com
Alison B. Lowndes
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 

Recently uploaded (20)

Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 

Certified Pseudonym Colligated with Master Secret Key

  • 1. Certified Pseudonym Colligated with Master Secret Key. Vijay Pasupathinathan, Macquarie University, Sydney. Joint work with Josef Pieprzyk, Macquarie University, Sydney, and Huaxiong Wang, NTU, Singapore.
  • 2. Outline ๏ Introduction ๏ Why a new system? ๏ Contribution ๏ How to achieve? ๏ Anonymous Certification systems ๏ Proposed Protocol ๏ Assumptions ๏ Protocol settings ๏ Security ๏ Applications, Advantages and open problem
  • 3. What is a Pseudonym? A mechanism to hide a user’s identity by providing anonymity, while still being suitable to authenticate the holder of the pseudonym in a communication system. (Chaum, 1985).
  • 4. How are they achieved? ๏ Chaum and Evertse (1986) developed a pseudonym system and proposed an RSA-based implementation that relies on a trusted centre who must sign all credentials. ๏ Chen (1995) extended the scheme and presented its discrete-logarithm version, which also relies on a trusted centre. ๏ However, these schemes have a common weakness: although the identity of the user is hidden, the credentials (such as certificates of his/her public key) or pseudonyms can easily be shared (unauthorised transfer) with other users.
  • 5. How are they achieved? part 2 ๏ Based on the security of preserving a high-value (master) secret key, Canetti et al. (2000) and Lysyanskaya et al. (1999) independently proposed non-transferable pseudonym systems. ๏ Security is also based on the idea that “a user is forced to reveal the master secret key if they choose to share their credentials”. ๏ The problem is that during the registration phase, users are required to disclose their true identity (master public key) to a CA. ๏ This makes them prone to collusion between a CA and a Verifier.
  • 6. What do we want! ๏ Pseudonym system based on a single trusted master secret-public key pair. ๏ Pseudonyms should be independent of the master public key. (Anonymity) ๏ Ability to generate multiple pseudonyms easily from a single trusted secret-key. (Colligation) ๏ Verifiable using certificates that were issued against pseudonyms.
  • 7. Desired System (diagram): the User holds a trusted master key pair SK0/PK0. From SK0 the user derives pseudonyms Pseudonym 1, …, Pseudonym n with public keys PK1, …, PKn, and the Certifier issues a certificate on each: Cert<PK1>, Cert<PK2>, …, Cert<PKn>.
  • 8. Desired System (diagram): the User signs a message M with SK0 (SK0{M}) and presents it under Pseudonym 1 together with PK1 and Cert<PK1>; the Verifier checks Cert<PK1> and verifies the message using PK1. Think of it as group signatures looking through a mirror!
  • 9. Proposed Protocol ๏ Make use of an ACS (to certify pseudonyms). ๏ Make use of squaring (to provide colligation). ๏ There exists an underlying link between all pseudonyms and the root secret key.
  • 10. Anonymous Certification System ๏ Anonymous certification system (ACS) represents the certification process of a public key by a certifier who does not know the public key. ๏ This could essentially be a blind signature on the public key of the user. ๏ That is, it provides anonymity to the receiver. ๏ Whereas, group signature schemes as employed by provide anonymity to the source.
  • 11. Anonymous Certification System ๏ Consists of four (4) entities: a user, a verifier, a certifier and a trustee (tracer). ๏ The protocol suite includes: ๏ a certification protocol, where a user interacts with the certifier to obtain a certified pseudonym, i.e., the pseudonym is blindly signed; ๏ an identification protocol, where the verifier interacts with the user to authenticate the user's credential and provide services; ๏ a trace protocol, where the trustee participates and is invoked to trace the real identity associated with the user's pseudonym.
  • 12. Security Assumptions ๏ Factoring: the probability that any probabilistic polynomial-time algorithm can factor a composite formed from two primes is negligible. ๏ Square Root: the probability that a probabilistic polynomial-time algorithm can output b such that b^2 ≡ a mod N, where a ∈ QR_N, is negligible. ๏ Square Decisional Diffie-Hellman (SDDH): distinguish distributions of the form (g, g^a, g^(a^2)) from (g, g^a, g^r), where r is chosen uniformly at random. We assume that there is no probabilistic polynomial-time algorithm that can solve a random instance of the SDDH problem.
  • 13. Identity Generation ๏ U generates new identities using the following key generation process, which takes the inputs N, g, a counter value i (indicating the total number of new identities being generated), identity level l (number of identities generated previously) and the master secret key SK_U0. ๏ I-Generation(g, i, l, SK_U0): For j = l, …, i do PK_Uj = g^(SK_U0^(2^j)) mod N EndFor; Return(PK_Ul, …, PK_Uj). During the first run the value of identity level l
    Paper excerpt shown on the slide: U's master public-secret key pair is generated as in Section 2.1.1. U then obtains a certificate on the master public key PK_U0 from a certification authority C, which represents U's true identity. The public key of the certification authority is PK_C = g^SK_C and that of the trustee is PK_T = g^SK_T, where SK_C and SK_T are the corresponding secret keys of the certification authority and the trustee respectively. (3.2 Identity Generation.)
  • 14. Certification Protocol ๏ A modified certification scheme based on the blind signature scheme by (Pointcheval, 2000). ๏ The signature scheme now includes the master public key of the user, which is used by the certifier to form the commitment and is later verified by the user.
    Paper excerpt shown on the slide: The master public key is certified by the manufacturer, and the following describes the certification of the pseudonyms. The user U generates pseudonyms of the form (PK_U1, …, PK_Ul) using the identity generation process described in Section 3.2. The user then identifies himself/herself (using the master public key) to the certifier and engages in a certify protocol to obtain a certificate on a pseudonym PK_Ui. The value of PK_Ui is never revealed to the certifier. We shall express this phase as (PK_Ui, CERT_C⟨PK_Ui⟩) ← Certify(U, C, PK_U0, CERT_C⟨PK_U0⟩), i.e. “U engages in the certify protocol with C using CERT_C⟨PK_U0⟩ to obtain a certificate on PK_Ui, CERT_C⟨PK_Ui⟩”. Certain applications (e.g. TPM) require the new identities to be protected even from the certifier, so we propose a modification to the certification scheme based on a blind signature scheme using a composite modulus by (Pointcheval, 2000). The blind signature scheme now includes the master public key of the user, which is used by the certifier to form the commitment and is later verified by the user.
    Figure 1: (PK_Ui, CERT_C⟨PK_Ui⟩) ← Certify(U, C, PK_U0, CERT_C⟨PK_U0⟩), Modified Blind Certification Protocol of (Pointcheval, 2000), recovered in outline. Certifier: picks r ∈ Z_N and sends the commitment x. User: picks β, γ, s ∈ Z_N, computes (X, Y) = EncElg_PKT(PK_U0, s), the blinded value α, δ = H(PK_Ui ∥ (X, Y) ∥ α) and e = δ − γ, and sends e. Certifier: replies y = r − e·SK_C. User: checks the response against the commitment x and unblinds ρ = y + β. The signature on PK_Ui is (α, δ, ρ) and a receiver can verify it using the relation α = g^ρ PK_C^δ together with δ′ = H(PK_Ui ∥ (X, Y) ∥ α).
  • 15. Identification Protocol ๏ Based on Pointcheval's optimised identification scheme (Pointcheval, 2000). ๏ Now also includes the DLEQ proof log_g X = log_PKT Y, relating the ElGamal ciphertext (X, Y) to PK_T.
    Paper excerpt shown on the slide (2.1.3 Protocol Identify): A user U who wishes to avail services offered by a verifier V engages in an identification protocol to convince V that he/she possesses the necessary credentials. We shall express this phase as ⟨PROOF_Ui⟩ ← Identify(U, V, PK_Ui, CERT_C⟨PK_Ui⟩, PK_T), i.e. “U engages in an identification protocol with a verifier V using the pseudonym PK_Ui and CERT_C⟨PK_Ui⟩, which contains the encryption of the identity under the public key PK_T”.
    Figure 2: Identification Protocol. User: k, w ∈_R Z_Ni; a1 = g^w; a2 = (PK_T · PK_U0)^w; h = H(g^(2k)); sends h, (a1, a2), (X, Y). Verifier: c1 ∈_R Z_Ni; c2 = H(X, Y, a1, a2); sends c1, c2. User: z1 = 2k − c1 · SK_U0^(2^i); z2 = w − s · c2; sends z1, z2, CERT_C⟨PK_Ui⟩. Verifier: verifies CERT_C⟨PK_Ui⟩ and obtains (α, δ); checks δ′ = H(PK_Ui ∥ (X, Y) ∥ α), h = H(g^z1 PK_Ui^c1), a1 = g^z2 X^c2 and a2 = PK_T^z2 Y^c2.
  • 16. Tracing Protocol ๏ Invoked by a verifier after a user has misused a pseudonym. ๏ Verifier provides proof of a user's participation. ๏ Trustee can reveal a user's master public key.
    Paper excerpt shown on the slide (2.1.4 Protocol Trace): A verifier who needs to trace the identity of the user contacts the trustee T by providing the transcript from an identification protocol ⟨PROOF_Ui⟩. To trigger the protocol V has to provide proof of protocol participation by U. We shall express this phase as (PK_U0) ← Trace(V, T, PK_Ui, CERT_C⟨PK_Ui⟩, ⟨PROOF_Ui⟩), i.e. “V engages in the tracing protocol with T using the values PK_Ui, CERT_C⟨PK_Ui⟩ and proof of identity ⟨PROOF_Ui⟩ to obtain the master identity PK_U0”.
    Figure 3: Tracing Protocol. Verifier: σ = SIGN_V⟨c, z, h⟩; sends σ, α, δ, ρ, PK_Ui, PK_C, CERT_C⟨PK_Ui⟩. Trustee: VERIFY_PKV⟨σ⟩; checks h = H(g^z PK_Ui^c) and α = g^ρ PK_C^δ; verifies CERT_C⟨PK_Ui⟩; obtains (X, Y) from ⟨PROOF_Ui⟩; PK_U0 = DecElg_SKT(X, Y).
    4 Security, 4.1 Adversary Goals: We assume an active adversary A, who is capable of eavesdropping and injecting messages in the communication medium. We also assume that an adversary may also be a legitimate (but dishonest) participant in a protocol, i.e. either the certifier or the verifier or both may be dishonest. As in (Damgard, 1988; Lysyanskaya et al., 1999),
  • 17. Security ๏ The proposal is secure against the following attacks (as identified by Damgard, 1988; Lysyanskaya, 1999): ๏ Pseudonym forgery: an adversary tries to forge a pseudonym for some user. ๏ Identity compromise: an adversary, in association with other participants, tries to obtain information regarding the user's master public-secret key pair. ๏ Pseudonym linking and colligation: an adversary tries to obtain information that links a pair of pseudonyms to the same user or to a user's master public key.
  • 18. Application to TPM ๏ We are considering a TPM setting because of the tamper-resistant protection offered to the master secret key, but the protocols can be applied to other structures like directory-based services (e.g. Active Directory, LDAP). ๏ The endorsement key (EK) in a TPM will be of the form (PK0, SK0). ๏ A user who wishes to obtain services from an application software on a machine generates a pseudonym of the form (PKi, SKi). ๏ At the end of the protocol run the application software is provided a guarantee on the identity of the user and the associated TPM, but the system still protects the identity of both the TPM and the user associated with it.
  • 19. Advantages ๏ Compared to other pseudonym schemes, our scheme has an efficient identification protocol. ๏ Computations may be performed on the module itself, whereas the DAA scheme requires computation to be distributed between the TPM and the host computer. ๏ There is no new secret key to be generated for each pseudonym, only counter values of the pseudonym. ๏ No appreciable increase in storage requirement even when the number of pseudonyms required is high. ๏ Ideally suited for storage-constrained devices.
  • 20. What’s Missing? Future Work? ๏ Needs a strong composite modulus (maybe 4096 bits). ๏ Prime modulus method ruled out, as SDDH is trivial there. ๏ Every generated pseudonym needs to fall within the same group as the master secret key. ๏ Identity Transfer ๏ Pseudonym chains cannot be formed (NOT YET!). ๏ That is, using PK1 to generate new pseudonyms, but still verifiable using SK0.
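The I-Generation step of slide 13 and the pseudonym half of the identification protocol of slide 15 (the h, c1, z1 exchange, without the ElGamal/DLEQ part or the certificate check), as an added toy example that is not the authors' code. It assumes a constructed toy modulus N = p·q, g = 4, a constructed master secret SK_U0, SHA-256 as H, and that the pseudonym secret SK_Uj = SK_U0^(2^j) is reduced mod N before use as an exponent.

```python
"""Toy model of I-Generation and the g^(2k) / z1 identification check.
Added illustration only; the parameters are constructed and far too small
for real use (slide 20 asks for a strong composite modulus)."""
import hashlib
import secrets

# Constructed toy parameters (assumption, not from the paper).
P, Q = 2003, 2011
N = P * Q            # composite modulus
G = 4                # a quadratic residue mod N used as the base g
SK_U0 = 123457       # constructed master secret key of user U
C_BITS = 64          # challenge length c1 (assumption)


def h_commit(value: int) -> bytes:
    """H() from the slides, instantiated here with SHA-256 over the integer."""
    nbytes = (value.bit_length() + 7) // 8 or 1
    return hashlib.sha256(value.to_bytes(nbytes, "big")).digest()


def i_generation(g: int, i: int, l: int, sk0: int, n: int = N):
    """I-Generation(g, i, l, SK_U0): pseudonym keys for levels l..i.
    Colligation via squaring: SK_Uj = SK_U0^(2^j) mod N, PK_Uj = g^SK_Uj mod N.
    Returns {j: (PK_Uj, SK_Uj)}; the holder only stores SK_U0 and a counter."""
    sk_j = pow(sk0, 1 << l, n)           # SK_U0^(2^l) mod N (assumed reduction)
    keys = {}
    for j in range(l, i + 1):
        keys[j] = (pow(g, sk_j, n), sk_j)
        sk_j = pow(sk_j, 2, n)           # next level is one more squaring
    return keys


def prover_commit(g: int, n: int = N, k: int = None):
    """User, step 1: pick k and send h = H(g^(2k))."""
    if k is None:
        # k is taken much larger than c1 * SK_Ui so that z1 >= 0 w.h.p.
        k = secrets.randbelow(n << (C_BITS + 64))
    return k, h_commit(pow(g, 2 * k, n))


def prover_respond(k: int, c1: int, sk_i: int) -> int:
    """User, step 3: z1 = 2k - c1 * SK_Ui, computed over the integers."""
    return 2 * k - c1 * sk_i


def verifier_check(g: int, h: bytes, c1: int, z1: int, pk_i: int,
                   n: int = N) -> bool:
    """Verifier: h == H(g^z1 * PK_Ui^c1). The product equals g^(2k) exactly
    when z1 was formed with the secret behind PK_Ui. A negative z1 relies on
    Python's modular-inverse pow (3.8+), valid since gcd(g, N) = 1."""
    lhs = pow(g, z1, n) * pow(pk_i, c1, n) % n
    return h_commit(lhs) == h


def run_identification(sk0: int, i: int, sk_claimed: int = None,
                       k: int = None, c1: int = None) -> bool:
    """One identification round for pseudonym level i.
    sk_claimed lets a caller impersonate with a wrong secret; k and c1 may be
    fixed for reproducibility, otherwise they are drawn at random."""
    pk_i, sk_i = i_generation(G, i, i, sk0)[i]
    if sk_claimed is not None:
        sk_i = sk_claimed                       # dishonest prover
    k, h = prover_commit(G, N, k)
    if c1 is None:
        c1 = secrets.randbits(C_BITS)           # verifier's challenge
    z1 = prover_respond(k, c1, sk_i)
    return verifier_check(G, h, c1, z1, pk_i)
```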