Efficient Cryptography for Information Privacy

of “Efficient Cryptography for Information Privacy” by Foteini Baldimtsi, Ph.D., Brown University, May 2014. In the modern digital society, individuals, businesses and governments perform numerous everyday tasks such as shopping, banking and commuting using electronic media. Although these electronic transactions provide efficiency and convenience, they usually overlook the privacy of the users. This thesis studies privacy-enhancing technologies in order to get the best of both worlds: all the benefits of electronic transactions but without sacrificing user privacy. Using efficient cryptographic tools such as digital signatures, zero-knowledge proof systems and encryption schemes, we propose secure protocols that protect user privacy and at the same time are practical. Anonymous credential systems allow users to obtain and demonstrate possession of digital credentials in order to authenticate themselves in a privacy-preserving manner. We first show impossibility results on proving the security of one of the most well-known anonymous credential systems, the one due to Stefan Brands, that is currently being implemented by Microsoft under their credential management project, U-prove. Our impossibility result not only applies to Brands but generalizes to a much broader class of protocols. We then propose Anonymous Credentials Light : the first efficient single-use anonymous credential scheme that is provably secure. Cryptographic e-cash allows secure and private electronic payments and provides similar unforgeability and untraceability as physical cash does. Our Anonymous Credentials Light can be extended to an efficient e-cash scheme that moreover has the nice property of encoding users’ attributes in the coins. We provide a smartphone implementation of our proposed scheme and explain how it can be used for efficient and private payments in the public transportation scenario. A limitation of traditional cryptographic e-cash, however, is that it does not allow users to transfer coins to each other. We present the first practical, fully anonymous transferable e-cash scheme that does not