An Identifiable Yet Unlinkable Authentication System in Multi-service Environment

Abstract

The purpose of this paper is to realize an authentication system which satisfies four requirements for security, privacy protection, and usability, that is, impersonation resistance against insiders, personalization, weak-unlinkability, and memory efficiency. The proposed system is the first system which satisfies all the properties. In the proposed system, transactions of a user within a single service can be linked (personalization), while transactions of a user among distinct services can not be linked (weak-unlinkability). The proposed system can be used with smart cards since the amount of memory required by the system does not depend on the number of services. First, this paper formalizes the property of weak-unlinkability, which has not been formalized in the literatures. Next, this paper extends an identification scheme with a pseudorandom function in order to realize an authentication system which satisfies all the requirements. This extension can be done with any identification scheme and any pseudorandom function. Finally, this paper proposes an implementation with the Schnorr identification scheme and a collision-free hash function as an example of the proposed system.