Abstract: Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity. This has become more important with the Introduction of strong privacy regulations. In this talk, I will introduce a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication can occur only between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a user's service access information, even if the verifiers for these services collude. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole service access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The scheme's security model is given together with a security proof, an implementation and a performance evaluation.
Bio: Jinguang Han received his PhD degree from the University of Wollongong, Australia, in 2013. He currently is a research fellow in Surrey Centre for Cyber Security, Department of Computer Science, University of Surrey, UK. His main research interests include cryptography, access control, privacy-preserving systems and cloud computing. He has served as a program co-chair of ProvSec 2016 and a program committee member of over 50 international conferences. He is a senior member of IEEE and an associate editor of Soft Computing.
DetailsOpen to All,
Contact: Shujun Li
T: +44 (0)1227 82 3821
School of Computing