Approved
Publicly Auditable Privacy Revocation in Practice
Patrik Kron () and Wilmer Nilsson ()
Start
2021-01-26
Presentation
2021-06-17 10:15
Location:
Finished:
2021-07-07
Master's thesis:
Abstract
PAPR Credentials is the name of a not yet published (privately communicated) credential scheme that provides conditional privacy. This means that an administrator can choose to revoke a user’s anonymity. Doing so, however, the administrator must broadcast her intention, as the success of the privacy revocation depends on the help of other users, since the administrator does not have sufficient information to do it alone. This property is what gives rise to the name Publicly Auditable Privacy Revocation (PAPR). Even though an authority can revoke whomever she wants, each revocation will be publicly announced, making it possible to hold the administrator accountable. In this thesis we provide a PAPR Credentials implementation that we use to examine system characteristics. We focus on how different system parameters impact three properties; the computational load for an arbitrary user during the credential issuance procedure, revocation delay and when revocations begin to fail due to the number of previous revocations. On top of PAPR we also construct a proof-of-concept application called PAPR Money, in which the users can transfer Bitcoin to one another, pseudonymously. In case of suspected money laundering or terrorist financing, the underlying PAPR Credentials scheme facilitates the ability to reveal the real identity of the suspect. Our results show how the computational load changes with different sets of system parameters and how the system parameters are key to determining both revocation delay, and revocation failure.
Supervisor: Paul Stankovski Wagner (EIT)
Examiner: Thomas Johansson (EIT)