April 29, 2010
We established an anonymous credential system on a standard Java Card in our Smart Identities Project.
On 30 September 2009, the German Society for Computer Science (GI) awarded the project the Innovation Award 2009.
October 1, 2009
On 30 September 2009, the German Society for Computer Science (Gesellschaft für Informatik, GI), the leading German non-profit organization for computer science research (comparable to the ACM in Germany), gave the Innovation Award 2009 to our project to establish an anonymous credential system on a standard Java Card.
This is an English translation of the award certificate:
Gesellschaft für Informatik e.V. (GI)
Patrik Bichsel, Dr. Jan Camenisch,
Thomas Groß and Prof. Dr. Victor Shoup
the 2009 Innovation prize
The Smart Identity Card System, an autonomous, anonymous credential system developed by Patrik Bichsel, Dr. Jan Camenisch, Thomas Groß, and Prof. Dr. Victor Shoup at IBM Research – Zurich, offers strong authentication, unlinkability with secure keys in a low-resource solution. Despite the use of standard Java Cards (JCOP 41/v2.2), this innovation distinguishes itself from former proposals especially in the sense that it provides an enormous efficiency enhancement.
Business models which are based on electronic identity cards are being developed in numerous areas of daily life. However, they must ensure privacy, security and pragmatism in day-to-day life.
Innovations, such as this year’s award-winning research, promote the citizens’ trust in the protection of their data. In addition, they prevent – also through their design – the tracing as well as the creation of data profiles. Thus, they can strengthen the social acceptance of solutions, for instance, in the field of e-government.
With the Innovation Prize, Gesellschaft für Informatik honours hands-on innovations and patented inventions in the realm of computer science.
- Prof. Dr. Rudolf Bayer, TU Munich
- Prof. Dr. Gunter Dueck, IBM Stuttgart
- Prof. Dr. José Encarnação, TU Darmstadt
- Prof. Dr. Matthias Jarke, RWTH Aachen (chairman)
- Prof. Dr. Peter Mertens, University of Erlangen-Nürnberg
Lübeck, October 2009
gez. Professor Dr. Ing. Stefan Jähnichen
August 11, 2009
Identity Mixer was originally developed by IBM Research, in particular the computer science department of the Zurich Research Lab.
It is based on the CL-signature scheme invented by Jan Camenisch and Anna Lysyanskaya.
IBM contributed Identity Mixer to the EU-funded project PRIME, where it formed a crucial part of the identity management and privacy architecture. The international researchers from academia and industry integrated Identity Mixer into a bigger vision of privacy for the information society.
Privacy and Identity Management for Europe (PRIME) is a European Union project (6th framework) that researches new social, legal, and technical perspectives on identity and privacy. IBM developed Identity Mixer as a crucial part of the PRIME architecture.
PRIME was honored with the Privacy Innovation Award 2008 of the International Association of Privacy Professionals (IAPP).
– Project Web Page, a pool of well-researched information on privacy and identity: https://www.prime-project.eu/
– The PRIME flyer introduces its mission in a nutshell: https://www.prime-project.eu/press_room/leaflets/PRIME-Flyer-September2006.pdf
– The PRIME Whitepaper provides a good overview of privacy and identity: https://www.prime-project.eu/prime_products/whitepaper/
PrimeLife’s predecessor project PRIME is this year’s winner of the IAPP Privacy Innovation Technology Award category. The IAPP (International Association of Privacy Professionals) awarded PRIME (Privacy and Identity Management for Europe) for producing “a highly innovative technology program architecture that governs access control, data retention and policy elements.
Two key highlights of the program are “Data Track” and “Idemix.” Data Track improves the transparency of data processing while Idemix, a private credential system, employs an encrypted, anonymous log-in to Web sites in order to ensure that Web user information remains confidential. PRIME was selected for its successful, enormous project scope and business model” (citation from IAPP News Release of 23 September 2008).
We cited this from the PrimeLife web page.
August 5, 2009
Direct Anonymous Attestation (DAA) allows a user to convince a verifier that she uses a platform that has embedded a certified hardware module. The protocol protects the user’s privacy: if she talks to the same verifier twice, the verifier is not able to tell whether or not he communicates with the same user as before or with a different one.
This scenario arose in the context of the Trusted Computing Group (TCG). TCG is an industry standardization body that aims to develop and promote an open industry standard for trusted computing hardware and software building blocks to enable more secure data storage, online business practices, and online commerce transactions while protecting privacy and individual rights.
We have worked with TCG and various privacy groups on the requirements of such a scheme and have developed an efficient protocol, called the direct anonymous attestation protocol. The scenario is reminiscent of group signature schemes. In fact, our protocol is based on the state-of-the-art group signature scheme. However, a number of research questions still had to be solved for the protocol to be applied in practice. Direct anonymous attestation relies on the Decisional Diffie-Hellman assumption for the user’s privacy and on the Strong RSA assumption for security. The protocol has been standardized in the TCG’s TPM version 1.2. Chips implementing the protocol are currently being built and the infrastructure around the protocol is being defined. A paper describing the protocol appeared at ACM CCS 04, and a paper describing how to use the protocol in the most privacy-friendly way was presented at ESORICS 2004.
Identity Mixer has been the basis of the DAA protocol.
Privacy and Identity Management for Life (PrimeLife) is an EU-funded initiative to nurture trust, privacy and identity management throughout the entire lifecycle of users.
PrimeLife is the follow-up project of the award-winning EU project PRIME.
We were the first to establish an autonomous anonymous credential system on a standard Java Card. This prototype is an implementation of an Identity Mixer variant that combines strong authentication and privacy properties. It allows a user to prove possession of the card as well as selectively disclose identity attributes, while keeping all her other personal data perfectly confidential. We see this technology as a potential complement to electronic identity cards.
See the Smart Identity Card portal page.
In particular, the card has the following properties:
- Autonomous credential system – the anonymous credential system resides completely on the card and does not depend on joint computation with the PC or terminal. It is secure in the face of an untrusted terminal.
- Secure key length – in our prototype we used 1536-bit Strong RSA keys, yet the card is also capable of longer key lengths such as 1984 bits.
- Transaction times on the order of seconds – a standard proof of possession with 1536-bit keys takes 7.5 sec pre-computation time, which runs while the user makes her policy consent decision, and 2.5 sec actual response time after the user has entered the policy.
We used the following Java Card:
- NXP JCOP 41 v2.2, mask 36. This card is in the midfield of available smart cards, not top of the line.
This project received the 2009 Innovation Award of the German society for computer science (comparable to the ACM in Germany).