Return to search

Privacy Preserving Authentication Schemes and Applications

With the advent of smart devices, Internet of things and cloud computing the amount of information collected about an individual is enormous. Using this meta-data, a complete profile about a person could be created - professional information, personal information like his/her choices, preferences, likes/dislikes etc. The concept of privacy is totally lost with this gamut of technology. The ability to separate one's on-line identity from their personal identity is near impossible. The conflicting interests of the two parties - service providers' need for authentication and the users' privacy needs - is the cause for this problem. Privacy Preserving Authentication could help solve both these problems by creating valid and anonymous identities for the users. And simply by proving the authenticity and integrity of this anonymous identity (without revealing/exposing it) the users can obtain services whilst protecting their privacy. In this thesis, I review and analyze the various types of PPA schemes leading to the discussion of our new scheme 'Lightweight Anonymous Attestation with Efficient Revocation'. Finally, the scenarios where these schemes are applicable are discussed in detail. / Master of Science / With the advent of smart devices, people are almost always connected to the Internet. These smart devices and applications collect information about the user on a massive scale. When all such meta-data are put together, a complete profile of the user - professional and personal information, his/her choices, preferences, likes/dislikes etc. could be created. And all this data is stored somewhere on the Internet. The concept of privacy loses its meaning as this entity knows more about the user than they do themselves. The main reason for this is the inability to separate one’s on-line identity from their personal identity. Service providers need to authenticate the users - the process by which one entity is assured of the identity of the second entity it is interacting with - to ensure only valid members are allowed to use their service. This leads to invasion of the user’s privacy/anonymity as authentication often needs details like address, date-of-birth, credit card details etc. Privacy Preserving Authentication could help solve both these problems by creating valid but anonymous identities for the users. PPA works by issuing the users a secret credential if they can prove their identity. And simply by proving the authenticity and integrity of these secret credentials (without revealing/exposing it) the users can obtain services whilst protecting their privacy. In this thesis, I review and analyze the various types of PPA schemes leading to the discussion of our new scheme Lightweight Anonymous Attestation with Efficient Revocation. Finally, the application scenarios where these schemes are applicable are discussed in detail.

Identiferoai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/86422
Date23 June 2017
CreatorsAsokan, Pranav
ContributorsElectrical and Computer Engineering, Park, Jung-Min Jerry, Yang, Yaling, Zeng, Haibo
PublisherVirginia Tech
Source SetsVirginia Tech Theses and Dissertation
Detected LanguageEnglish
TypeThesis
FormatETD, application/pdf
RightsIn Copyright, http://rightsstatements.org/vocab/InC/1.0/

Page generated in 0.0029 seconds