Anonymous authentication systems based on private information retrieval

Author

Nakamura, Toru ; Inenaga, Shunsuke ; Ikeda, Daisuke ; Baba, Kensuke ; Yasuura, Hiroto

Author_Institution

Fac. of Inf. Sci. & Electr. Eng., Kyushu Univ., Fukuoka, Japan

fYear

2009

fDate

28-31 July 2009

Firstpage

53

Lastpage

58

Abstract

This paper focuses on authentication with three types of entities: a user who sends an authentication request, an authentication-server who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks, (2) the database(s) cannot identify which user is authenticating and (3) the authentication-server cannot identify to which user a given authentication-request corresponds. Firstly, we show a protocol with a single database which satisfies Properties (1) and (2). Secondly, we show a protocol with multiple databases which satisfies Properties (1), (2) and (3). A key idea of our authentication protocols is to use private information retrieval (PIR) [Chor et al. J. ACM, 1998].

Keywords

cryptographic protocols; database management systems; formal verification; information retrieval; anonymous authentication server system; authentication protocol; authentication request verification; database system; private information retrieval; replay attack; Authentication; Biometrics; Context; Databases; Identity management systems; Indexes; Information retrieval; Information science; Protocols; Technology management;

fLanguage

English

Publisher

ieee

Conference_Titel

Networked Digital Technologies, 2009. NDT '09. First International Conference on

Conference_Location

Ostrava

Print_ISBN

978-1-4244-4614-8

Electronic_ISBN

978-1-4244-4615-5

Type

conf

DOI

10.1109/NDT.2009.5272083

Filename

5272083