A First Approach to Provide Anonymity in Attribute Certificates
V. Benjumea, J. Lopez, J. A. Montenegro, and J. M. Troya.
Abstract
This paper focus on two security services for internet applications:
authorization and anonymity. Traditional authorization solutions are
not very helpful for many of the Internet applications; however,
attribute certificates proposed by ITU-T seems to be well suited and
provide adequate solution. On the other hand, special attention is
paid to the fact that many of the operations and transactions that are
part of Internet applications can be easily recorded and
collected. Consequently, anonymity has become a desirable feature to
be added in many cases. In this work we propose a solution to enhance
the X.509 attribute certificate in such a way that it becomes a
conditionally anonymous attribute certificate. Moreover, we present a
protocol to obtain such certificates in a way that respects users
anonymity by using a fair blind signature scheme. We also show how to
use such certificates and describe a few cases where problems could
arise, identifying some open problems.
Keywords: Authorization, PMI, anonymity, pseudonym, credential, X.509 attribute certificates