We present schemes for providing anonymous transactions while privacy and anonymity are preserved, providing user's anonymous authentication in distributed networks such as the Internet. We first present a practical scheme for anonymous transactions while the transaction resolution is assisted by a Trusted Authority. This practical scheme is extended to a theoretical scheme where a Trusted Authority is not involved in the transaction resolution. Both schemes assume that all the players interact over anonymous secure channels. Given authority that generates for each player hard to produce evidence EVID (e.g., problem instance with or without a solution) to each player, the identity of a user U is defined by the ability to prove possession of aforementioned evidence. We use zero-knowledge proof techniques to repeatedly identify U by providing a proof that U has evidence EVID, without revealing EVID, therefore avoiding identity theft. In both schemes the authority provides each user with a unique random string. A player U may produce a unique user name and password for each other player S using a one-way function over the random string and the IP address of S. The player does not have tomaintain any information in order to reproduce the user name and password used for accessing a player S. Moreover, the player U may execute transactions with a group of players S U in two phases; in the first phase the player interacts with each server without revealing information concerning its identity and without possibly identifying linkability among the servers in S U. In the second phase the player allows linkability and therefore transaction commitment with all servers in S U, while preserving anonymity (for future transactions).
|ACM Transactions on Autonomous and Adaptive Systems
|מזהי עצם דיגיטלי (DOIs)
|פורסם - 1 יולי 2012
ASJC Scopus subject areas