April 29, 2010

News: Smart Identity Card successfully realized

Posted in Uncategorized tagged , , , at 14:07 by Thomas Groß

We established an anonymous credential system on a standard Java Card in our Smart Identities Project.

At 30th September 2009, the German society for computer science (GI) awarded the project with the Innovation Award 2009.

[Resources]   [Paper at ACM CCS]   [Read more…]


October 1, 2009

Innovation Award for Anonymous Credential System on Java Card

Posted in Uncategorized tagged , , , at 16:54 by Thomas Groß

At 30th of September 2009, the German society for computer science (Gesellschaft für Informatik, GI), the leading German non-profit organization for computer science research (comparable to the ACM in Germany), awarded our project to establish an anonymous credential system on a standard Java Card with the Innovation Award 2009.


This is an English translation of the award certificate:

Gesellschaft für Informatik e.V. (GI)Logo of the GI


Patrik Bichsel, Dr. Jan Camenisch,
Thomas Groß And Prof. Dr. Victor Shoup

the 2009 Innovation prize

The Smart Identity Card System, an autonomous, anonymous credential system developed by Patrik Bichsel, Dr. Jan Camenisch, Thomas Groß, and Prof. Dr. Victor Shoup at IBM Research – Zurich, offers strong authentication, unlinkability with secure keys in a low-resource solution. Despite the use of standard Java Cards (JCOP 41/v2.2), this innovation distinguishes itself from former proposals especially in the sense that it provides an enormous efficiency enhancement.

Business models which are based on electronic identity cards are being developed in numerous areas of daily life. However, they must ensure privacy, security and pragmatism in day-to-day life.

Innovations, such as this year’s award-winning research, promote the citizens’ trust in the protection of their data. In addition, they prevent – also through their design – the tracing as well as the creation of data profiles. Thus, they can strengthen the social acceptance of solutions, for instance, in the field of e-government.

With the Innovation Prize, Gesellschaft für Informatik honours hands-on innovations and patented inventions in the realm of computer science.


  • Prof. Dr. Rudolf Bayer, TU Munich
  • Prof. Dr. Gunter Dueck, IBM Stuttgart
  • Prof. Dr. José Encarnação, TU Darmstadt
  • Prof. Dr. Matthias Jarke, RWTH Aachen (chairman)
  • Prof. Dr. Peter Mertens, University of Erlangen-Nürnberg

Lübeck, October 2009

gez. Professor Dr. Ing. Stefan Jähnichen

August 11, 2009

Cradle of Identity Mixer

Posted in Uncategorized at 14:51 by Thomas Groß

Identity Mixer was originally developed by IBM Research, in particular the computer science department of the Zurich Research Lab.

It is based on the CL-signature scheme invented by Jan Camenisch and Anna Lysyanskaya.

Identity Mixer was contributed by IBM to the EU-funded project PRIME, for which it made a crucial part of the identity management and privacy architecture. The international researchers from Academia and Industry integrated Identity Mixer in a bigger vision of privacy for the information society.

PRIME‘s follow-up EU-project PrimeLife continues to use Identity Mixer as technology basis, for which IBM extends it with advanced capabilities. PrimeLife offers Identity Mixer for download.

Privacy and Identity Management for Europe (PRIME)

Posted in Uncategorized tagged , at 13:47 by Thomas Groß



Privacy and Identity Management for Europe (PRIME) is an European Union project (6th framework) that researches new social, legal, and technical perspectives on Identity and Privacy. IBM developed Identity Mixer as crucial part of the PRIME architecture.

PRIME provides educational resources and introduction material to privacy and identity, such as tutorials for general audience and a video about privacy risks and identity theft.

PRIME was honored with the Privacy Innovation Award 2008 of the International Association of Privacy Professionals (IAPP).

– Project Web Page, a pool of well-researched information of privacy and identity:   https://www.prime-project.eu/
– The PRIME flyer introduces its mission in a nutshell:   https://www.prime-project.eu/press_room/leaflets/PRIME-Flyer-September2006.pdf
– The PRIME Whitepaper provides a good overview over privacy and identity:   https://www.prime-project.eu/prime_products/whitepaper/

PRIME Received the IAPP Privacy Innovation Award 2008

Posted in Uncategorized tagged , , at 13:46 by Thomas Groß



PrimeLife’s predecessor project PRIME is this year’s winner of the IAPP Privacy Innovation Technology Award category. The IAPP (International Association of Privacy Professionals) awarded PRIME (Privacy and Identity Management for Europe) for producing “a highly innovative technology program architecture that governs access control, data retention and policy elements.

IAPP Privacy Innovation AwardTwo key highlights of the program are “Data Track” and “Idemix.”  Data Track improves the transparency of data processing while Idemix, a private credential system, employs an encrypted, anonymous log-in to Web sites in order to ensure that Web user information remains confidential. PRIME was selected for its successful, enormous project scope and business model” (citation from IAPP News Release of 23 September 2008).

We cited this from the PrimeLife web page.

August 5, 2009

Direct Anonymous Attestation (DAA)

Posted in Uncategorized tagged at 16:38 by Thomas Groß

Direct Anonymous Attestation (DAA) allows a user to convince a verifier that she uses a platform that has embedded a certified hardware module. The protocol protects the user’s privacy: if she talks to the same verifier twice, the verifier is not able to tell whether or not he communicates with the same user as before or with a different one.

This scenario arose in the context of the Trusted Computing Group (TCG). TCG is an industry standardization body that aims to develop and promote an open industry standard for trusted computing hardware and software building blocks to enable more secure data storage, online business practices, and online commerce transactions while protecting privacy and individual rights.

We have worked with TCG and various privacy groups on the requirements of such a scheme and have developed an efficient protocol, called direct anonymous attestation protocol. The scenario is reminiscent of group signatures schemes. In fact, our protocol is based on the-state-of the art group signature scheme. However, a number of research questions had still to be solved for the protocol to be applied in practice. Direct anonymous attestation relies on the Decisional Diffie-Hellman assumption the user’s privacy and on the Strong RSA assumption for security. The protocol has been standardized in the TCG’s TPM version 1.2. Chips implementing the protocols are currently being build and the infrastructure around the protocol is being defined. A paper [1] describing the protocol did appear at ACM CCS 04 and a paper [2] describing how to use the protocol in the most privacy-friendly has been presented at ESORICS 2004.

Identity Mixer has been the basis of the DAA protocol.

Read the rest of this entry »

Privacy and Identity Management for Life (PrimeLife)

Posted in Uncategorized tagged , at 10:59 by Thomas Groß

Privacy and Identity Management for Life (PrimeLife) is a EU-funded initiative to nurture trust, privacy and identity management throughout the entire lifecycle of users.

PrimeLife is the follow-up project of the award-winning EU project PRIME.

Project: Smart Identity Card

Posted in Uncategorized tagged , , , , at 10:57 by Thomas Groß

Identity card with anonymous credential system

Identity card with anonymous credential system

We were the first to establish an autonomous anonymous credential system on a standard Java Card. This prototype implementation of an Identity Mixer variant that combines strong authentication and privacy properties. It allows a user to proving possession of the card as well as selectively disclose identity attributes, while keeping all her other personal data perfectly confidential. We see this technology as potential complement to electronic identity cards.

See the Smart Identity Card portal page.

In particular the card has the following properties.

  • Autonomous credential system – the anonymous credential system completely resides on card and does not depend on joint computation with the PC or terminal. It is secure in face of a untrusted terminal.
  • Secure keylength – in our prototype we used 1536-bit Strong RSA keys, yet the card is also capable of longer keylength such as 1984 bits.
  • Transaction times on the order of seconds – an standard proof of possession with 1536-bit keys takes 7.5 sec pre-computation time while the user makes her policy consent decision and 2.5 actual response time after the user entered the policy.

We used the following Java Card:

  • NXP JCOP 41 v2.2, mask 36. This card is in the midfield of available smart cards, not top of the line.

This project received the 2009 Innovation Award of the German society for computer science (comparable to the ACM in Germany).