Smart Identity Card
We envision that electronic identity cards become pervasive in the not too distant future. Then, we imagine that they can be used for privacy-sensitive applications with third-party services, for instance to access a healthcare recommendation portal anonymously. For that the user must be confident that her personal data is save and her privacy well protected. At the same time, the service provider needs to know that the authentication is secure and that user can be held accountable for his doing.
We attempt to solve this problem by establishing an anonymous credential system on a Java Card, usable as electronic identity card. This allows us to combine strong authentication and privacy properties. A user can prove that she owns the card or that she has certain attributes while keeping all her other personal data confidential. The card’s transactions should be unlinkable such that profiling and tracing become impossible. And, all that should also work in face of an untrusted terminal.
We succeeded in this challenge by realizing an autonomous anonymous credential system on a standard Java Card. This prototype features a light-weight variant Identity Mixer completely on card. It is the first such approach with practical keylength and transaction times. This innovation was celebrated by the German society for computer science (GI) with the Innovation Award 2009.