Security without identification - By, Ajinkya Kulkarni A presentation on Department of Computer...
27
Security without identification - By, Ajinkya Kulkarni A presentation on Department of Computer Science University of Alabama in Huntsville Author : David Chaum, Communications of the ACM, vol. 28, 1985. (20 Jan 2009) Transaction systems to make big brother obsolete
-
Upload
mabel-fowler -
Category
Documents
-
view
212 -
download
0
Transcript of Security without identification - By, Ajinkya Kulkarni A presentation on Department of Computer...
Security without identification -
By,
Ajinkya Kulkarni
A presentation on
Department of Computer Science
University of Alabama in Huntsville
Author : David Chaum, Communications of the ACM, vol. 28, 1985.
(20 Jan 2009)
Transaction systems to make big brother obsolete
About the author
David Chaum is the inventor of many cryptographic protocols, including blind signature schemes, commitment schemes, and digital cash.
In this In this presentationpresentation
1) Problems addressed by Authors
2)Typical Solution and its Problem
3) New Approach proposed by Author
4) The Feasibility of New Approach
4.1) Communication Transaction
Problems Solution
4.2) Payment Transaction
Problems Solution
4.3) Credential Transaction
Problems Solution
Unconditional UntraceableCommunication
Digital Signature
Blind Signatures for Untraceable Payment
Individuals can not control the way in which information about themselves is used Sometimes information may be obsolete , inaccurate or otherwise inappropriate.
1 Problems (1/3)1 Problems (1/3)
Bank
Mobile Operator
Shops
Websites
BlogsEmployer
Fitness Center
University
Bob
1 Problems (2/3)1 Problems (2/3)Computers could be used to infer individuals’ life styles and habits
Fitness Center6 PM Wall Mart
Every Friday
PC Lab8 AM On Campus Job
9 AM
Big Brother is Watching You
Classes2 PM
Bank
Job
FC
WM
8 AM
9 AM
Gas
6 PM
Friday
1
2
3
4
5
Schedule
2 PM
Bob
Bad Guys
1 Problems (3/3)1 Problems (3/3)
Uncertainty about security of personal information
May cause people to alter their observable activities
Organization are vulnerable to abuses by individuals.
Bank
Job
FC
WM
8 AM
9 AM
Gas
6 PM
Friday
1
2
3
4
5
Schedule
2 PM
Bad Employee
Bad GuysInternet
2 Typical Solution and it’s 2 Typical Solution and it’s ProblemProblem
Perhaps in combination with national identity cards or even finger prints .
To devise more pervasive, efficient, and interlinked computerized record-keeping system,
But, this would exacerbate the problem of individuals’ loss of monitorability and the control
Would likely be unacceptable to many
3 New Approach (Proposed by 3 New Approach (Proposed by Author)Author)
3Differences
3 New Approach Details3 New Approach Details
Current systems emphasize the one-sided security of Organizations attempting to protect themselves from individuals
Personal card computers Wall Mart
The new approach allows all parties to protect their own interests
Wall Mart BillItems Purchased
1 Box
Total Bill Amount : $10
Pay
Bob
4 The Feasibility of New Approach 4 The Feasibility of New Approach
The feasibility of new approach can be demonstrated for a comprehensive set of three kinds of consumer transaction
Communication Transaction
4.1
Payment Transaction
4.2
Credential Transaction
4.3
4.1 Communication Transaction4.1 Communication Transaction
As more communication travels in electromagnetic and digital form
Possibility of exposure of tracing information.
It becomes easier to learn more about individual from their communication
Morning
Afternoon
Evening
Bob
System Administrator
SSN
Call HistoryAddress
4.1.1 Problems in Communication 4.1.1 Problems in Communication TransactionTransaction
Current systems provide inadequate protection
Hand written signature are easily forged
▶ By installing tamper resistant identity card
But these approach rely on tracing information
▶ By keeping records of message delivered, to provide certificate delivery
Solution under Current Approach
And thus are in fundamental conflict with individuals' ability to control access to information about themselves
4.1.2 Solution for Communication 4.1.2 Solution for Communication Transaction (Using New Approach)Transaction (Using New Approach)
Messages are untraceable
4.1.2.1 Unconditional Untraceable
4.1.2.2 Digital Signature
Except for the recipient's ability to authenticate them as having been sent by the owner of a particular pseudonym
4.1.2.1 Unconditional Untraceable 4.1.2.1 Unconditional Untraceable
Welcome
One of the three of you has already
paid for coffee
Who paid?If Bob has
paid, we must know,
because we invited him for coffee
But if one of us paid, Bob should not
know about it
B
A
4.1.2.1 Unconditional Untraceable 4.1.2.1 Unconditional Untraceable
Bob
We will say aloud which side the coin
falls onB
A
Let’s flip a coin
behind menu card
Agree
If one of us paid , then we should
say the opposite side
Menu Card
4.1.2.1 Unconditional Untraceable 4.1.2.1 Unconditional Untraceable
Bob
B
A
Head
Case 1: B has paid Tail
I know, one of them has
paid, but can not
determine who?Menu Card
4.1.2.1 Unconditional Untraceable 4.1.2.1 Unconditional Untraceable
Bob
B
A
Head
Case 2: Bob has paid Head
Menu Card
4.1.2.2 Digital Signature4.1.2.2 Digital Signature
I
Won
1 Billion Dollar
我
Digital Codebook
韩元
1 亿美元
1 亿美元
韩元
我
1 Billion Dollar
Won
I
我 韩元 1 亿美元
Bob Alice
I Won 1 Billion Dollar
English Chinese
Private Key
Public Key
4.2 Payment Transaction 4.2 Payment Transaction
Automation is giving the providers of these systems easy access to revealing and extensive information about individuals
Today many paper transaction records of when, how much, and to whom payment was made are translated into electronic form
Payment systems are being automated
E.g. Shopping, Travelling, Bank , Education
Computerization is extending data capture potential of payment systems
4.2.1 Problems in Payment 4.2.1 Problems in Payment TransactionTransaction
Uncollectable Payments by consumer
Check drawn against insufficient funds
Credit card misuse
Theft of paper currency
Envelope
4.2.2 Solution for Payment Transaction 4.2.2 Solution for Payment Transaction (Using New Approach)(Using New Approach)
Blind Signatures for Untraceable Payment
----------------------------Slip
Carbon Paper
Bank Signature worth $ X
Bank deducts $ X from Bob Account
Bank can not see the slip through the envelope
Bob
Bank
4.2.2 Solution for Payment Transaction 4.2.2 Solution for Payment Transaction (Using New Approach)(Using New Approach)
Blind Signatures for Untraceable Payment
----------------------------Slip
Envelope
Verifies proper signature markBob
Shop
Bank also verifies signature mark
Since it uses same signature for all account holder, it can not learn which account the funds were withdrawn from
Thus, Payment are untraceable
Bank
4.3 Credential Transactions4.3 Credential Transactions
Individuals must show credentials in relationships with many organizations.
Problem arise when unnecessary data are revealed in the process
Some credentials, such as passports , drivers’ licenses, and membership cards, are commonly shown by individuals in the form of certificates.
Bob
Show me your National
IdentificationDate of
BirthMother’s Name
Password
Bad Guy
4.3.1 Problems in Credential 4.3.1 Problems in Credential TransactionTransaction
Credential systems are subject to widespread abuse by individuals
Widespread use of highly secure identity documents providing links to centrally maintained credentials
Such as the modification and the copying of many kinds of paper ,plastic, and digital certificates
Are antithetical to the ability of individuals to determine how information about themselves is used
4.3.2 Solution for Credential Transaction 4.3.2 Solution for Credential Transaction (Using New Approach)(Using New Approach)
Individual takes a specially coded credential issued underone pseudonym
These coded credentials are maintained and shown onlyby individuals
Individuals can also tailor the coded form shown
And to transform it into a similarly coded form of the same credential that can be shown under the individual’s other pseudonyms
So that it provides only the necessary information and ensure that obsolete information become unlink able to current pseudonyms.
They provide control similar to that provided by certificates.
4.3.2.1 The Basic Credential 4.3.2.1 The Basic Credential SystemSystem
Carbon PaperEnvelope
2dD&^tvgS
Bob makes another one time userandom pseudonym. E.g 2dD&^tvgS
----------------------------
Slip
2dD&^tvgS
Bank
We need National Identity
and Address proof
Take one pseudonym . E.g. B2847dE forAll his credentials, such as, Address, Photo, National Identity, etc
Credential Issuing Organization
Give me National
Identity and Address
proof Credentials
for 2dD&^tvgS
B2847dE
Envelope
2dD&^tvgS
Bob
Thank Thank YouYou
