Attribute-Based Identity Management: Bridging the Cryptographic Design of ABCs with the Real World

Gergely Alpár

Promotor: prof.dr. B.P.F. Jacobs (RU)
Co-promotor: dr. J.-H. Hoepman (RU)
Radboud Universiteit Nijmegen
Date: 15 January, 10:30

Summary

Attribute-based credentials (ABCs) provide a new type of authentication method, one that verifies personal attributes, possibly without identification. Smart-card technology has become sufficiently advanced to implement and deploy ABCs. My research focusses on the cryptographic and broader technical challenges of applying ABCs in identity management, online as well as offline.

The thesis covers many layers of attribute-based identity management. First, it gives an overview of current identity-management solutions. Analysing security, privacy and usability aspects, we conclude that the digital identity realm is currently in crisis, with many open research questions. Second, it explains the cryptography of major ABC techniques. The role of this chapter is twofold: to compare the techniques in a common framework and to make this topic accessible to a wider audience, including professional programmers, IT experts and mathematicians. Third, it tackles an essential technical challenge that arose while designing a pilot infrastructure: how can an anonymous device, carrying privacy-friendly ABCs, be authenticated in order to establish a secure channel with? Two provably secure yet efficient approaches are discussed in detail. Finally, based on the previous results about the identity crisis and the extended ABC technology, a new kind of identity ecosystem is introduced in which attribute-based identity management becomes possible, solving several problems in the identity crisis.