Fair Anonymous Authentication for Location Based Services
Abstract.
We propose an efficient anonymous authentication scheme that provides untraceability and unlinkability of mobile devices, while accessing Location-Based Services. Following other recent approaches for mobile anonymity, in our scheme the network operator acts as an anonymous credential issuer for its users. However, our scheme supports credential non-transferability, without requiring embedded hardware security features. In addition it supports fairness characteristics. On one hand, it reduces the trust assumptions for the issuer by supporting non-frameability: the issuer, even in collaboration with the LBS provider, cannot simulate a transaction that opens back to an honest user. On the other hand, it supports anonymity revocation for illegally used credentials. Our scheme uses standard primitives such as zero-knowledge proofs, MACs and challenge/responses. We provide formal security proofs based on the intractability of the Divisible Diffie-Hellman assumption.
Key words: Privacy in Location-Based Services (LBS), Fairness, non-Frameability, non-TransferabilityDownload: (PDF
file)
