Article Preview
Top1. Introduction
With the increasing prevalence of communication networks and the development of modern technologies, digitization has become a part of our real life (Huang, Cheng, Chen, & Li, 2010; Imani, Taheri, & Naderi, 2010; Kumar, Aseri, & Patel, 2011). This has resulted in significantly increased awareness of personal privacy to the extent that many digital applications and services emphasize the preservation of user privacy more than other functionalities. In other words, privacy is an essential requirement for such services and Internet applications, and protecting individual privacy and sensitive information are important and challenging tasks. Unlinkability is a privacy property of crucial importance to several systems (such as e-payment systems, e-voting systems, and anonymous credential systems). In ISO/IEC 15408 (2009) and Pfitzmann and Hansen (2010), unlinkability was defined as follows:
- •
Given two or more items (e.g., subjects, messages, and actions,) from an adversary’s point of view within the system (comprising these and possibly other items), the adversary cannot identify whether these items are related. That is, unlinkability ensures that users can make multiple uses of resources or services and these users and/or subjects are unable to be inferred whether the same user performed certain specific operations in the system.
Blind signature is a common method usually used as an underlying foundation for considering certain privacy-oriented applications and services in the drive to achieve the unlinkability feature. In the blind signature structure, a signature that can only be used once is generated from the negotiation between the signer and user. This structure is suitable for use in electronic payment and voting systems. However, blind signature only focuses on the unlinkability between the signer and signature holder. It may not provide the unlinkability between signature holder and verifier; this is sometimes more important in certain applications. Furthermore, zero-knowledge proof is an alternative to blind signature that can also accomplish the unlinkability property. However, in zero-knowledge proof, the computational cost of the verification phase is usually high, thus making it unsuitable for some applications.
The concept of anonymous credential systems was introduced by Chaum in 1985; it is a method of allowing the user to work effectively and anonymously with several organizations. In such a system, a user can obtain a credential for a pseudonym from a service provider, and then use it to access resources by demonstrating possession of the credential efficiently and anonymously without revealing any unnecessary information, except that the credential is owned by the user. By using Chaum’s underlying concept, many proposals (Camenisch & Lysyanskaya, 2001; Camenisch & Lysyanskaya, 2003; Camenisch and Lysyanskaya, 2004, Chaum & Evertse, 1987, Chen, 1996; Damgard, 1990; Lysyanskaya, Rivest, & Sahai, 2000) geared toward improving the model of the anonymous credential system along with introducing the zero-knowledge proofs. In the anonymous credential system, after once negotiating with the signer (service provider) to obtain the signature (credential), the user can use it unlimitedly to access the service provider’s resource; thus, this structure is suitable for use in service-oriented architecture applications (Alodib, 2015; Bouchiha, Malki, Djaa, Alghamdi, & Alnafjan, 2014).
The anonymous credential system has two properties:
- •
Unforgeability: A credential is a signature and it cannot be forged;
- •
Unlinkability: Given two or more credentials, no one can identify whether these credentials are related.