Abstract

Regarding the increasing number of applications provided as external services, the importance of pseudonymous data as a means for privacy protection of user entities is growing. Along with it grows the relevance of secure and accurate generation, use and management of pseudonyms. In particular we consider the involvement of third parties in this process as potentially harmful, and therefore favor a decentralized pseudonym generation approach where the role of central components is reduced to a minimum. In this paper, we propose a pseudonym generation mechanism and focus on its implementation based on elliptic curve cryptography, in which every user entity can generate an arbitrary number of uncorrelatable pseudonyms with minimal effort, initially as well as at any later point in time. Because no sensitive information necessary for pseudonym generation is available on central components, our approach provides security as well as flexibility and usability.

Links

• https://link.springer.com/chapter/10.1007%2F978-3-642-22890-2_10

Citation

Lehnhardt, J., Spalka, A., 2011. Decentralized Generation of Multiple, Uncorrelatable Pseudonyms without Trusted Third Parties, in: Furnell, S., Lambrinoudakis, C., Pernul, G. (Eds.), Trust, Privacy and Security in Digital Business, Lecture Notes in Computer Science. Springer Berlin Heidelberg, Berlin, Heidelberg, pp. 113–124. https://doi.org/10.1007/978-3-642-22890-2_10