Information Technology Reference
In-Depth Information
input : UID, Data
output: P
(1)
generate two random primes p, q ∈ R IP
(2)
generate a random public key e with (( p − 1)( q − 1) ,e )=1
compute the private-key d = e 1 MOD ( p
(3)
1)
(4) generate the pseudonym P =E e ( UID||Data||PAD ) ||e||n
(5) return P
1)( q
Fig. 3. Generation of a Unique Pseudonym
Fact 1: Each issued user identifier ( UID ) is unique. A hierarchical structure of
the identifiers may be used, in order to simplify the management of the identi-
fiers.
Fact 2: E e ( m 1 )
= m 2 ,sinceE e ( m ) is a bijective (one-to-one)
function for some constant public key ( e, n ).
=E e ( m 2 )
m 1
To prove the uniqueness of the pseudonym generated by two different users,
we have to distinguish two cases:
1. Both users (respectively their PSEs) accidentally generate (choose) the same
public key ( e, n ). In this case, the second halves of the pseudonyms (namely
e
n ) are equal for both users. But fact 1 and fact 2 guarantee, that the first
halves, namely E e ( UID 1 ||
||
PAD 2 ), dif-
fer in at least one bit, since UID 1 and UID 2 differ in at least one bit.
2. The second case is quite easy to prove: the users generate (choose) different
keys, and hence, the second halves of the generated pseudonyms (namely
e 1 ||
Data 1 ||
PAD 1 )andE e ( UID 2 ||
Data 2 ||
n 2 ) differ in at least one bit. So we do not need to care about
the first halves, which may be accidentally equal (different plaintexts en-
crypted with different keys may result in the same ciphertext). Note: This
proof obviously holds also for symmetric encryption (see [14]).
n 1 and e 2 ||
Pseudonyms generated by a specific user may either be generated by the use
of the same PSE or by use of different PSEs:
1. Pseudonyms generated by the same PSE will differ in at least one bit, because
the serial numbers of the pseudonyms will differ in at least one bit.
2. Pseudonyms generated by different PSEs will differ in at least one bit, be-
cause the device identifiers of the PSEs will differ in at least one bit.
3
Proof of Ownership
One central problem of pseudonyms is to prove, that a certain pseudonym has
been generated by a certain person. In principle, this can be achieved straight
forward by disclosing the pseudonym. In our case, we do not want to disclose
our identity, we simply want to prove, that we have generated the pseudonym.
Search WWH ::




Custom Search