The Gospel of IRMA : Attribute Based Credentials in Practice

Presented at 30C3 (2013), Dec. 28, 2013, 11:30 a.m. (60 minutes).

Attribute Based Credentials (ABC) allow users to prove certain properties about themselves (e.g. age, race, license, etc.) without revealing their full identity. ABC are therefore important to protect the privacy of the user. The IRMA (I Reveal My Attributes) project of the Radboud University Nijmegen has created the first full and efficient implementation of this technology on smart cards. This allows ABC technology to be used in practice both on the Internet as well as in the physical world. We will discuss ABCs in general, the IRMA system, it's advantages and pitfalls, and future work.

Attribute Based Credentials (ABC) allow users to prove certain properties about themselves (e.g. age, race, license, etc.) without revealing their full identity. They provide unlinkability, both between issuance of the credential and subsequebtly proving ownership of the credential, as well as between subsequent ownership proces at a service provider. This makes it impossible to track a user as she uses her credentials on the web. This makes ABCs a powerful privacy enhancing technology.

Smart cards are an appealing container to store such credenentials: they are secure, and can be caried by the user in an ordinary wallet. However, ABC use complex cryptography to achieve their privacy preserving properties, thus far evading efficient implementations on such smart cards. The IRMA (I Reveal My Attributes) project of the Radboud University Nijmegen (together with SURFnet and TNO) has created the first full and efficient implementation of this technology on smart cards. The implementation is based on the Idemix technology orginally developed by IBM. The smart card is contactless, to allow NFC enabled smart phones and tablets as readers. This makes it easy to use IRMA cards on the web, or to prove credentials in a small shop on the tablet owned by the shopkeeper.

We will discuss ABCs in general, the IRMA system and it's implementation particular, and give a demo of how an IRMA card can be used in practice (using a smart phone as the card reader). More importantly though we will discuss the advantages and disadvantages of ABC technology, compared to other identity management approaches. We will especially discuss the risk of having a ubiquitous authentication infrastructure that ABCs would provide when implemented on national identity cards, and outline ways to mitigate these risks.


Presenters:

  • Jaap-Henk Hoepman
    I am an associate professor in privacy, security and applied cryptography at the Radboud University Nijmegen. My research is inspired by practical problems. I focus on the design of a secure and privacy friendly Internet of Things. Apart from that I study privacy and identity management in a more general context. Because we have become increasingly dependent on information technology, I believe it is important that that we, users individually as well as society as a whole, remain in control. This means we must do all that is necessary to ensure that the technology is open, transparent, reliable, trustable, secure and aligned with our digital liberties. I think different professionals (engineers, legal scholars, social scientists and even artists) can learn from each other's approaches and results. We should join forces to shape our future in this new world. I am an associate professor in privacy, security and applied cryptography at the <a href="http://www.cs.ru.nl/ds">Digital Security</a> group of the <a href="http://www.cs.ru.nl/">Institute for Computing and Information Sciences</a> of the <a href="http://www.ru.nl/">Radboud University Nijmegen</a>, the Netherlands. My research is inspired by practical problems. I focus on the design of a secure and privacy friendly Internet of Things. Apart from that I study privacy and identity management in a more general context. I enjoy talking about my research, and speaking about it in public to a general audience. That is also one of the main reasons to maintain a <a href="http://blog.xot.nl/">blog</a>. In my free time I enjoy making my <a href="http://www.xot.nl/Sound" target="_top">own music</a>, designing <a href="http://www.xot.nl/Visual" target="_top">visuals</a>, and <a href="http://www.sjok.nl/" target="_top">practice</a> Okinawan <a href="http://www.iogkf.com/" target="_top">Goju Ryu karate-do</a>.

Links:

Similar Presentations: