
Documat


Design and implementation of secure protocols for practical authentication and fair anonymity systems

  • Author: Jesus Diaz Vico
  • Thesis supervisors: David Arroyo Guardeño (thesis dir.), Francisco de Borja Rodríguez Ortiz (thesis dir.)
  • Defended: Universidad Autónoma de Madrid (Spain), 2015
  • Language: Spanish
  • Examination committee: Luis Hernández Encinas (chair), Álvaro Ortigosa (secretary), Moti Yung (member), Seung Geol Choi (member), Javier López (member)
  • Full text not available
  • Abstract

    With the huge growth of information and communication systems, as well as of computing power, privacy has become a main concern for Internet users. Certainly, nowadays users tend to prefer privacy-respectful systems and, consequently, companies providing software solutions also need to worry about it. Nevertheless, the privacy provided by current systems often reduces to the need to place too much trust in legal protections. Conversely, the contributions of the research community in this direction often fail to produce sufficiently realistic solutions: they are hardly flexible, scalable or deployable in current systems, and thus impractical.

    In this thesis, we attempt to bridge this gap. Specifically, we base our proposals on currently deployed protocols and systems, but extend them to make them suitable for implementing privacy, mainly through fair anonymity. Moreover, our approach to incorporating privacy by design grows from addressing less complex tasks towards tackling more complex issues based on the composition of the simple ones. This also allows us to establish a flexible framework from which solutions applicable to contexts other than those explored here may be derived. In turn, this helps to reduce the complexity of deploying new systems from scratch, which, as stated, is our initial objective.

    In more detail, in order to ease the design and deployment of privacy-respectful systems, we proceed as follows. We first propose a methodology for designing protocols and systems and verifying that they meet the required security properties. This methodology is used to create and verify the protocols and systems proposed afterwards. On the other hand, since we make important use of group signatures for providing privacy through anonymity, and we aim to reduce the costs of deploying new systems, we describe an extensible C library that we have implemented and released in an alpha stage, offering a unified API for group signatures. Subsequently, we make use of these global building blocks to create technology that would most probably be necessary in every privacy-respectful system. Specifically, given that the initial problem in any online platform requiring personalized interaction or some kind of authentication is to actually distribute digital identities, we propose SEBIA, a protocol based on EBIA (the typical email-based registration system) that ensures a reasonable level of security for many contexts. In particular, it allows the distribution of anonymous identities like the ones used as a base to create the privacy systems of subsequent chapters, which are based on group signatures. Once the distribution problem is addressed, we extend the widely deployed X.509 PKI so that it is suitable for managing anonymous identities. Specifically, we propose extensions to the OCSP and CRL mechanisms, and create a new X.509-like protocol for communicating evidence of misbehavior (which, regrettably, is a problem sometimes derived from anonymity). With these contributions, we enable the creation of advanced privacy-respectful systems based on anonymity. In fact, to show this, we design two systems. First, a comprehensive e-commerce system that allows anonymous purchases while also remaining compatible with typical e-commerce benefits, like customer-specific marketing techniques. Second, an extension to the Tor network which, also based on the same mechanisms for managing anonymity, would allow a shift from full anonymity to fair anonymity.

    Moreover, for several of the proposals made in this thesis, we have implemented actual prototypes that have enabled us to perform initial profiling tasks. Despite being preliminary versions lacking optimization, the results indicate that our proposals incur acceptable costs.


Fundación Dialnet
