| Anonymous Authentication Systems Based on Private Information Retrieval (2009) | |||||||||||||
Abstract | |||||||||||||
| Networked Digital Technologies (NDT 2009) : July 29-31, 2009 : Ostrava, The Czech Republic. This paper focuses on authentication with three types of entities: a user who sends an authentication request, an authentication-server who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks, (2) the database(s) cannot identify which user is authenticating and (3) the authentication-server cannot identify to which user a given authentication-request corresponds. Firstly, we show a protocol with a single database which satisfies Properties (1) and (2). Secondly, we show a protocol with multiple databases which satisfies Properties (1), (2) and (3). A key idea of our authentication protocols is to use private information retrieval (PIR) [Chor et al. J. ACM, 1998]. | |||||||||||||
Publication details | |||||||||||||
| |||||||||||||