research-article

Building Privacy-Preserving Cryptographic Credentials from Federated Online Identities

Authors:
John Maheswaran

Yale University, New Haven, CT, USA

Yale University, New Haven, CT, USA
View Profile

,
Daniel Jackowitz

Yale University, New Haven, CT, USA

Yale University, New Haven, CT, USA
View Profile

,
Ennan Zhai

Yale University, New Haven, CT, USA

Yale University, New Haven, CT, USA
View Profile

,
David Isaac Wolinsky

Yale University, New Haven, CT, USA

Yale University, New Haven, CT, USA
View Profile

,
Bryan Ford

EPFL, Lausanne, Switzerland

EPFL, Lausanne, Switzerland
View Profile

CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and PrivacyMarch 2016Pages 3–13https://doi.org/10.1145/2857705.2857725

Published:09 March 2016Publication History

CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy

Pages 3–13

ABSTRACT

Federated identity providers, e.g., Facebook and PayPal, offer a convenient means for authenticating users to third-party applications. Unfortunately such cross-site authentications carry privacy and tracking risks. For example, federated identity providers can learn what applications users are accessing; meanwhile, the applications can know the users' identities in reality.

This paper presents Crypto-Book, an anonymizing layer enabling federated identity authentications while preventing these risks. Crypto-Book uses a set of independently managed servers that employ a (t,n)-threshold cryptosystem to collectively assign credentials to each federated identity (in the form of either a public/private keypair or blinded signed messages). With the credentials in hand, clients can then leverage anonymous authentication techniques such as linkable ring signatures or partially blind signatures to log into third-party applications in an anonymous yet accountable way.

We have implemented a prototype of Crypto-Book and demonstrated its use with three applications: a Wiki system, an anonymous group communication system, and a whistleblower submission system. Crypto-Book is practical and has low overhead: in a deployment within our research group, Crypto-Book group authentication took 1.607s end-to-end, an overhead of 1.2s compared to traditional non-privacy-preserving federated authentication.

References

Masayuki Abe and Tatsuaki Okamoto. Provably secure partially blind signatures. Inbibconf{20th}CRYPTOInternational Cryptology Conference, 2000. Google ScholarDigital Library
Giuseppe Ateniese, Jan Camenisch, Marc Joye, and Gene Tsudik. A practical and provably secure coalition-resistant group signature scheme. Inbibconf{20th}CRYPTOInternational Cryptology Conference, 2000. Google ScholarDigital Library
Giuseppe Ateniese, Dawn Song, and Gene Tsudik. Quasi-efficient revocation of group signatures. Inbibconf{7th}FCFinancial Cryptography Conference, January 2003. Google ScholarDigital Library
Man H Au, Apu Kapadia, and Willy Susilo. BLACR: TTP-free blacklistable anonymous credentials with reputation. Inbibconf{19th}NDSSAnnual Network & Distributed System Security Symposium, February 2012.Google Scholar
Dan Boneh, Xavier Boyen, and Hovav Shacham. Short group signatures. Inbibconf{24th}CRYPTOInternational Cryptology Conference, 2004.Google Scholar
Jan Camenisch and Anna Lysyanskaya. Dynamic accumulators and application to efficient revocation of anonymous credentials. Inbibconf{22nd}CRYPTOAnnual International Cryptology Conference, August 2001. Google ScholarDigital Library
Jan Camenisch and Anna Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In EUROCRYPT, May 2001. Google ScholarDigital Library
Technical Report: Providing Abuse Resistant Pseudonyms for Federated Online Identities with Cobra. https://www.dropbox.com/s/c90jn2om7ahlth4/anon-tech-report.pdf?dl=0.Google Scholar
David Chaum. Blind signatures for untraceable payments. InbibconfCRYPTOInternational Cryptology Conference, 1982.Google Scholar
David Chaum and Eugène Van Heyst. Group signatures. InbibconfEUROCRYPTAdvances in Cryptology, April 1991. Google ScholarDigital Library
Brent Chun, David Culler, Timothy Roscoe, Andy Bavier, Larry Peterson, Mike Wawrzoniak, and Mic Bowman. Planetlab: an overlay testbed for broad-coverage services. ACM SIGCOMM Computer Communication Review, 33(3):3--12, 2003. Google ScholarDigital Library
Henry Corrigan-Gibbs and Bryan Ford. Dissent: accountable anonymous group messaging. Inbibconf{17th}CCSACM Conference on Computer and Communications Security, October 2010. Google ScholarDigital Library
Leucio Antonio Cutillo, Refik Molva, and Thorsten Strufe. Safebook: A privacy-preserving online social network leveraging on real-life trust. Communications Magazine, IEEE, 47(12):94--101, 2009. Google ScholarDigital Library
Arkajit Dey and Stephen Weis. Pseudoid: Enhancing privacy in federated login. Hot topics in privacy enhancing technologies, pages 95--107, 2010.Google Scholar
Mario Di Raimondo, Rosario Gennaro, and Hugo Krawczyk. Deniable authentication and key exchange. InbibconfCCSACM conference on computer and communications security, 2006.Google ScholarDigital Library
Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: the second-generation onion router. In 13th USENIX Security Symposium, August 2004. Google ScholarDigital Library
John R. Douceur. The Sybil attack. Inbibconf{1st}IPTPSInternational Workshop on Peer-to-Peer Systems, March 2002. Google ScholarDigital Library
Adrienne Felt and David Evans. Privacy protection for social networking APIs. W2SP, 2008.Google Scholar
Saikat Guha, Kevin Tang, and Paul Francis. Noyb: Privacy in online social networks. InbibconfWOSNWorkshop on Online social networks, 2008. Google ScholarDigital Library
E. Hammer-Lahav. The OAuth 1.0 protocol, April 2010. RFC 5849.Google Scholar
Ed Hardt. The OAuth 2.0 authorization framework, October 2012. RFC 6749.Google Scholar
Ryan Henry, Kevin Henry, and Ian Goldberg. Making a nymbler nymble using verbs. In PETS, 2010. Google ScholarDigital Library
Peter C Johnson, Apu Kapadia, Patrick P Tsang, and Sean W Smith. Nymble: Anonymous IP-address blocking. In PETS, 2007. Google ScholarDigital Library
Zubair Ahmad Khattak, Jamalul-lail Ab Manan, Suziah Sulaiman, et al. Analysis of open environment sign-in schemes-privacy enhanced & trustworthy approach. Journal of Advances in Information Technology, 2(2):109--121, 2011.Google ScholarCross Ref
Georgios Kontaxis, Michalis Polychronakis, and Evangelos P Markatos. SudoWeb: Minimizing information disclosure to third parties in single sign-on platforms. In Information Security, pages 197--212. Springer, 2011. Google ScholarDigital Library
Joseph K Liu and Duncan S Wong. Linkable ring signatures: Security models and new schemes. InbibconfICCSAComputational Science and Its Applications, May 2005. Google ScholarDigital Library
Matthew M Lucas and Nikita Borisov. Flybynight: mitigating the privacy risks of social networking. In Proceedings of the 7th ACM workshop on Privacy in the electronic society, pages 1--8. ACM, 2008. Google ScholarDigital Library
Wanying Luo, Qi Xie, and Urs Hengartner. Facecloak: An architecture for user privacy on social networking sites. In Computational Science and Engineering, 2009. CSE'09. International Conference on, volume 3, pages 26--33. IEEE, 2009. Google ScholarDigital Library
Gabriel Maganis, Elaine Shi, Hao Chen, and Dawn Song. Opaak: using mobile phones to limit anonymous identities online. In Proceedings of the 10th international conference on Mobile systems, applications, and services, pages 295--308. ACM, 2012. Google ScholarDigital Library
MediaWiki. http://www.mediawiki.org.Google Scholar
Moni Naor. Deniable ring authentication. Inbibconf{22nd}CRYPTOAdvances in Cryptology, August 2002. Google ScholarDigital Library
Arvind Narayanan, Narendran Thiagarajan, Mugdha Lakhani, Michael Hamburg, and Dan Boneh. Location privacy via private proximity testing. In Proc. of NDSS, volume 2011, 2011.Google Scholar
The FIPS 186--4 Digital Signature Algorithm Validation System. http://csrc.nist.gov/groups/STM/cavp/documents/dss2/dsa2vs.pdf .Google Scholar
David Recordon and Drummond Reed. OpenID 2.0: A platform for user-centric identity management. In Proceedings of the second ACM workshop on Digital identity management. ACM, 2006. Google ScholarDigital Library
Ronald L. Rivest, Adi Shamir, and Yael Tauman. How to leak a secret. Inbibconf{7th}ASIACRYPTInternational Conference on the Theory and Application of Cryptology and Information Security, December 2001. Google ScholarDigital Library
SecureDrop. https://pressfreedomfoundation.org/securedrop/.Google Scholar
Victor R. L. Shen, Yu fang Chung, Tzer Shyong Chen, and Yu An Lin. A blind signature based on discrete logarithm problem. ICIC, 7(9), September 2011.Google Scholar
Patrick P Tsang, Man Ho Au, Apu Kapadia, and Sean W Smith. Blacklistable anonymous credentials: Blocking misbehaving users without TTPs. Inbibconf{14th}CCSProceedings of the 14th ACM conference on Computer and communications security, October 2007. Google ScholarDigital Library
Ryu Watanabe and Yutaka Miyake. Account management method with blind signature scheme. Engineering and Technology, World of Science, (59):2069--2073, 2011.Google Scholar
Alma Whitten and J. Doug Tygar. Why johnny can't encrypt: A usability evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium, August 1999. Google ScholarDigital Library
David Isaac Wolinsky, Henry Corrigan-Gibbs, Aaron Johnson, and Bryan Ford. Dissent in numbers: Making strong anonymity scale. Inbibconf{10th}OSDIUSENIX Symposium on Operating Systems Design and Implementation, October 2012. Google ScholarDigital Library

Index Terms

Building Privacy-Preserving Cryptographic Credentials from Federated Online Identities
1. Security and privacy

Recommendations

Crypto-Book: an architecture for privacy preserving online identities
HotNets-XII: Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks

Through cross-site authentication schemes such as OAuth and OpenID, users increasingly rely on popular social networking sites for their digital identities--but use of these identities brings privacy and tracking risks. We propose Crypto-Book, an ...
Read More
Research on Privacy Preserving of Searchable Encryption
HPCCT '18: Proceedings of the 2018 2nd High Performance Computing and Cluster Technologies Conference

In the cloud computing applications, the researchers proposed a new cryptographic primitive searchable encryption (SE) in order to ensure data security. Searchable encryption can make full use of cloud server computing capacity to search the ciphertext. ...
Read More
Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy
March 2016
340 pages
ISBN:9781450339353
DOI:10.1145/2857705
General Chairs:
Elisa Bertino
Purdue University, USA
,
Ravi Sandhu
University of Texas at San Antonio, USA
,
Program Chair:
Alexander Pretschner
Technische Universität München, Germany
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 9 March 2016
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
anonymity
anonymous communication
authentication
online social networks
Qualifiers
- research-article
Conference

Acceptance Rates
CODASPY '16 Paper Acceptance Rate22of115submissions,19%Overall Acceptance Rate149of789submissions,19%
More
Upcoming Conference
CODASPY '24

Sponsor:

sigsac

Fourteenth ACM Conference on Data and Application Security and Privacy

June 19 - 21, 2024

Porto , Portugal
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 10
  Total Citations
  View Citations
- 293
  Total Downloads
- Downloads (Last 12 months)15
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Building Privacy-Preserving Cryptographic Credentials from Federated Online Identities

CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy

ABSTRACT

References

Cited By

Index Terms

Recommendations

Crypto-Book: an architecture for privacy preserving online identities

Research on Privacy Preserving of Searchable Encryption

Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems