Information Technology Reference
In-Depth Information
may employ several hierarchically organized issuing parties. In order to guaran-
tee the uniqueness of the pseudonyms, these issuers either generate pseudonyms
in a specific (previously specified) range, or they have to check the randomly
generated pseudonym with all other issuers which causes immense communica-
tion efforts. Additionally, the holder of the certificate has to trust in the issuer,
since the issuer knows the linking of the holders identity to his pseudonym.
Local (Holder-based) Generation:
The other way is, that the user gener-
ates his pseudonym locally. Now, only the user knows the linking between his
identity and his pseudonym. But again we need some sort of cross-checking to
avoid duplicates.
In the approach presented in this paper, the holder locally generates globally
unique pseudonyms, which are nevertheless highly random. There is no need for
any information interchange between issuing parties or global data (especially
keys), except unique identifiers for each user and each device of the system. Ad-
ditionally the holder can prove, that he generated a specific pseudonym without
revealing his identity and he can reveal his identity by disclosing the pseudonym.
This disclosure is achieved by presenting some additional, previously unknown,
information to the verifier. As a security feature, this information (the opening
information) cannot be forged, so that the verifier retrieves an identity different
from the identity used in the generating process of the pseudonym. Another fea-
ture of the proposed system is, that there is no way to disclose the pseudonym,
if the holder does not cooperate. For several application scenarios this may seem
to be a major drawback (e.g. the holder of a pseudonym has just won an auction,
but does not want to pay). But there are others, where there is either no need for
enforced disclosure, or where the holder of the pseudonym has a strong interest
in disclosing his pseudonym at a certain point of time and hence will cooperate.
The application scenarios of pseudonyms (providing pseudonymity or ano-
nymity), where the approach presented in this paper is suitable, include:
(Centralized) Register for Medical Records:
Concerning medical records,
there is a strong interest in privacy, i.e. to keep the connection between a person's
name and his/her medical record(s) private. On the other hand many countries
(like Austria and Germany) run centralized databases, in order to provide data
for statistical studies. To achieve this, each medical record is sent to a Server,
which keeps an anonymized medical history for each person. Hence the patients
have to trust in this server, because it knows the relation between the patient's
identifier and his/her (anonymous) record identifier. If the server has been com-
promised and the algorithm for mapping the patients name (or social insurance
number) to his/her record identifer is publicly known, the privacy of all pa-
tients is at risk. In contrast to this, by applying our scheme for globally unique
pseudonyms, the medical records are anonymized before sending them to the
server. Hence, there is no way (except breaking the encryption algorithm) to
re-map a pseudonym to a user of the system.
Online Gambling:
Here, the player wants to stay anonymous during gam-
bling. He participates in the game by using his pseudonym. In case of a win, he
