Fair anonymous authentication for location based services

Abstract

We propose an efficient anonymous authentication scheme that provides untraceability and unlinkability of mobile devices, while accessing Location-Based Services. Following other recent approaches for mobile anonymity, in our scheme the network operator acts as an anonymous credential issuer for its users. However, our scheme supports credential non-transferability, without requiring embedded hardware security features. In addition it supports fairness characteristics. On one hand, it reduces the trust assumptions for the issuer by supporting non-frameability: the issuer, even in collaboration with the LBS provider, cannot simulate a transaction that opens back to an honest user. On the other hand, it supports anonymity revocation for illegally used credentials. Our scheme uses standard primitives such as zero-knowledge proofs, MACs and challenge/responses. We provide formal security proofs based on the intractability of the Divisible Diffie-Hellman assumption. © 2013 Springer-Verlag.