Authentic attributes with fine-grained anonymity protection

Abstract

Collecting accurate profile information and protecting an individual’s privacy are ordinarily viewed as being at odds. This paper presents mechanisms that protect individual privacy while presenting accurate—indeed authenticated—profile information to servers and merchants. In particular, we give a pseudonym registration scheme and system that enforces unique user registration while separating trust required of registrars, issuers, and validators. This scheme enables the issuance of global unique pseudonyms (GUPs) and attributes enabling practical applications such as authentication of accurate attributes and enforcement of “one-to-a-customer” properties. We also present a scheme resilient to even pseudonymous profiling yet preserving the ability of merchants to authenticate the accuracy of information. It is the first mechanism of which the authors are aware to guarantee recent validity for group signatures, and more generally multigroup signatures, thus effectively enabling revocation of all or some of the multi-group certificates held by a principal.