Password based anonymous authentication with private information retrieval

Toru Nakamura, Shunsuke Inenaga, Daisuke Ikeda, Kensuke Baba, Hiroto Yasuura

Research output: Contribution to journalArticlepeer-review

Abstract

This paper focuses on authentication with three types of entities: a user who sends an authentication request, a service provider who receives and verifies the request, and a database who supplies the service provider with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks and (2) the database cannot identify which user is authenticating. First, we show a protocol which satisfies Properties (2). Second, we show a protocol which satisfies Properties (1) and (2). A key idea of our authentication protocols is to use private information retrieval (PIR) [Chor et al. J. ACM, 1998].

Original languageEnglish
Pages (from-to)72-78
Number of pages7
JournalJournal of Digital Information Management
Volume9
Issue number2
Publication statusPublished - Apr 2011
Externally publishedYes

Keywords

  • Anonymity
  • Authentication
  • Privacy protection
  • Private information retrieval

ASJC Scopus subject areas

  • Management Information Systems
  • Information Systems
  • Library and Information Sciences

Fingerprint Dive into the research topics of 'Password based anonymous authentication with private information retrieval'. Together they form a unique fingerprint.

Cite this