Applied result detail

Privacy-Enhancing Authentication System (PEAS)

DZURENDA, P.; NOHAVA, M.; MORAVANSKÝ, M.; STRAKOŠ, J.; CASANOVA-MARQUÉS, R.; MALINA, L.; HAJNÝ, J.

Original title

Privacy-Enhancing Authentication System (PEAS)

Type

Software

Abstract

PEAS is a privacy-preserving authentication system that does not disclose the whole user identity to a verifier. Only the necessary pieces of the user identity (e.g., age, gender, membership, access ticket) are provided during the verification phase. The authentication sessions of PEAS are mutually unlinkable. The protocol therefore protects user identity and avoids profiling and tracking of users. The core of PEAS is based on an Attribute-based Credentials (ABC) cryptographic protocol, namely Keyed-Verification Anonymous attribute-based Credentials (KVAC). The implementation of PEAS is highly modular. PEAS consists of front-end parts, realized as web-based or mobile applications, that can be separately enhanced with new specific features. PEAS uses a cryptographic core part that supports all basic and cryptographic operations. The cryptographic core is realized as a standalone C library that is then used by the front-end parts. All main PEAS parts can be easily updated and fixed as separate layers. The PEAS core part uses several third-party libraries, such as pcsc-lite and ccid for smartcard connections, libcjson and libwebsockets for web server connections, openssl, gmp, zlib and mcl for cryptographic support, and the libpeas library for RKVAC operation support.

Keywords

authentication; authorization; access control system; cryptography; privacy protection; revocation; anonymous credentials; attribute-based credentials; android; near field communication; smartphone; internet of things; bluetooth

Location

Department of Telecommunications, FEKT

License fee

A license must always be acquired before the result can be used by another entity.
