Non-transferable anonymous credential system with optional anonymity revocation
First Claim
1. A method for establishing a pseudonym system by having a certificate authority accepting a user as a new participant in said pseudonym system, the method comprising the steps of:
- receiving a first public key provided by said user;
verifying that said user is allowed to join the system;
computing a credential by signing the first public key using a secret key owned by said certificate authority;
publishing said first public key and said credential.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a method and system for securely proving ownership of pseudonymous or anonymous electronic credentials. A credential system is described consisting of users and organizations. An organization knows a user only by a pseudonym. The pseudonyms of the same user, established for use with different organizations, cannot be linked. An organization can issue a credential to a pseudonym, and the corresponding user can prove possession of this credential to another organization that knows him under another pseudonym. During the prove of possession of the credential nothing besides the fact that he owns such a credential is revealed. A refinement of the credential system provides credentials for unlimited use, so called multiple-show credentials, and credentials for one-time use, so called one-show credentials.
-
Citations
22 Claims
-
1. A method for establishing a pseudonym system by having a certificate authority accepting a user as a new participant in said pseudonym system, the method comprising the steps of:
-
receiving a first public key provided by said user;
verifying that said user is allowed to join the system;
computing a credential by signing the first public key using a secret key owned by said certificate authority;
publishing said first public key and said credential. - View Dependent Claims (2, 3, 4, 22)
-
-
5. A method for establishing a pseudonym system by having an organization register a user, the method comprising the steps of:
-
receiving a first public key provided by said user;
receiving a first encryption encrypted by using said first public key;
proving that an existing public key is registered for said user with another organization of said pseudonym system and proving that the secret key corresponding to said existing public key is encrypted in said received first encryption;
publishing said first public key, said first encryption and the name of said other organization. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 19, 20)
-
-
17. A method for having a verifier checking possession of a credential by a user issued by a specified organization, the method comprising the steps of:
proving that an existing public key is registered for said user with said specified organization of said pseudonym system.
-
21. A method for having a revocation manager revealing a pseudonym or the identity of a user, the method comprising the steps of:
-
receiving a request from an organization for revealing a pseudonym or the identity of a user;
judging whether it is justified to reveal the pseudonym or the identity of the user; and
sending the pseudonym or the identity of the user to the requesting organization, in case that this is justified.
-
Specification