Implementation of a User Anonymity Application Using a Privacy-Preserving Entropy-as-a-Service with Quantum Security

• Iván Cillero ^[1] ; David Soler ^[1] ; Francisco J. Nóvoa ^[1] ; Carlos Dafonte ^[1] ; Ana Fernández ^[2] ; Manuel Fernández-Veiga ^[2]
  1. [1] Universidade da Coruña

     Universidade da Coruña

     A Coruña, España

     
  2. [2] Universidade de Vigo

     Universidade de Vigo

     Vigo, España

     
• Localización: Proceedings XoveTIC 2024: Impulsando el talento científico / coord. por Manuel Lagos Rodríguez, Tirso Varela Rodeiro, Javier Pereira-Loureiro , Manuel Francisco González Penedo , 2024, págs. 183-190
• Idioma: inglés
• Enlaces
  • Texto completo
• Resumen

  • Key material plays a critical role in cryptography. Devices that are unable to generate high-quality keys are exposed to multiple vulnerabilities. In this work, we present an Entropy-as-a-Service (EaaS) architecture to address this problem. The proposed solution creates secure keys and sends them to a mobile application using a Quantum Random Number Generator (QRNG). Futhermore, our solution provides anonymity to the users who request a key while ensuring that the EaaS provider can still apply access control policies. Keys are sent via a quantum channel and received by the mobile application via NFC to ensure security. A certificate is generated with the key to authenticate the user in the application services. This certificate creates an identity separate from his real identity.