Presentation is loading. Please wait.

Presentation is loading. Please wait.

Signing transactions anonymously with Identity Mixer in Hyperledger

Published by稚 霍 Modified over 5 years ago

Similar presentations

Presentation on theme: "Signing transactions anonymously with Identity Mixer in Hyperledger"— Presentation transcript:

1 Signing transactions anonymously with Identity Mixer in Hyperledger
Idemix team: Jan Camenisch, Manu Drijvers, Maria Dubovitskaya Blockchain team: Elli Androulaki, Angelo De Caro, Andreas Kind, Alessandro Sorniotti IBM Research - Zurich

2 (prove Over 17 from ID issued by eGov)
Identity Mixer Attribute-based credentials Strong authentication (signatures) Privacy-preserving Access Control Selective disclosure of attributes, predicates over attributes, full unlinkability Auditability Revocation Preserving privacy and unlinkability - Verification is done with the public key of the issuer only Presentation Policy (prove Over 17 from ID issued by eGov)

3 Identity Mixer vs. multiple X.509 TCerts
Certificate Authority (CA) X.509 Identity Mixer Attr 1 Attr 2 Attr 1 Attr 2 secret key public key Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 Presentation Policy 2 Presentation Policy 1 trust Attr 1 Attr 2 Attr 1 Attr 2 Presentation Policy 1 Transaction B Attr 1 Attr 2 Transaction A Attr 1 Attr 2 Attr 1 Attr 2 Transaction A Transaction C Transaction B Attr 1 Attr 2 Attr 1 Attr 2 Attr 1 Attr 2 CA’s public key Verifier

4 Membership management with Identity Mixer
ECerts: (relatively) static enrollment certificates acquired via registration with an enrollment certificate authority (CA). TCerts: Identity Mixer presentation proofs derived from ECert, without interaction with CA Blockchain User B Certificate Authority (CA) Blockchain User A TkeyB shares public key U Application Membership uses uses Ecert U Requests certificates 1xEcert invokes SC txn (signed with TkeyA, encrypted with TkeyA, TkeyB…) Application (stored in wallet) TkeyA TkeyB Accesses ledger TkeyB sc deployed on every validating peer Smart contract Consensus Network (signed with Ekey of origin, encrypted with validators’ key)

5 Contribution Overview: MVP for Java SDK
User.java (extend with GetSigningIdentity() method) TransactionContext.java Sign Transactions Identity/SigningIdentity.java IdemixSampleStore.java Sign/Verify (Generate/Verify Presentation Tokens) User Certificates Idemixgen tool KeyGen Issuance Revocation Identity Mixer crypto package Generate CA keys Issue ECert Presentation Verification Audit

Download ppt "Signing transactions anonymously with Identity Mixer in Hyperledger"

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
1 Privacy Prof. Ravi Sandhu Executive Director and Endowed Chair March 8, 2013 © Ravi Sandhu World-Leading Research.

1 Privacy Prof. Ravi Sandhu Executive Director and Endowed Chair March 8, © Ravi Sandhu World-Leading Research.
Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]

Claudia Diaz, Hannelore Dekeyser, Markulf Kohlweiss, Girma Nigusse K.U.Leuven IDIS Workshop 29/05/2008 [Work done in the context of the ADAPID project]
7/11/2011Pomcor 1 Pros and Cons of U-Prove, Idemix and Other Privacy-Enhancing Technologies Francisco Corella Karen Lewison Pomcor.

7/11/2011Pomcor 1 Pros and Cons of U-Prove, Idemix and Other Privacy-Enhancing Technologies Francisco Corella Karen Lewison Pomcor.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research.

Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research.
PKI Implementation in the Real World

PKI Implementation in the Real World
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
AAI and universities Roles and functions. The Smart Card Architect Objectives zBuild a secure Authentication and Authorization Infrastructure between.

AAI and universities Roles and functions. The Smart Card Architect Objectives zBuild a secure Authentication and Authorization Infrastructure between.
Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Anonymous Credentials Gergely Alpár Collis – November 24, 2011.

Anonymous Credentials Gergely Alpár Collis – November 24, 2011.
I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.

I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.
Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure from the Most Trusted Name in e-Security.
X.509 Certificate management in.Net By, Vishnu Kamisetty

X.509 Certificate management in.Net By, Vishnu Kamisetty
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Similar presentations

Ads by Google