Authentication without Identification: from Theory to Practice
Anna Lysyanskaya, Brown University
Monday, December 19, 3:10 PM, MCS 135
Suppose that we have a valuable on-line resource (for example, an on-line
library), and a whole bunch of people authorized to access various sections of
this resource (for example, some people have subscribed to the fiction section
of the library, while others have subscribed to the biography section.) How
does the resource verify that a given user is authorized to access the
requested section?
One approach to resolving this issue is to first find out who the user is, and
then check which sections this user is authorized to access. Some users, in
the context of certain types of resources, may find this unacceptable from the
privacy point of view: they may not feel comfortable communicating who they are
every time that they need to access an on-line resource!
Another approach would be to verify that the user has the appropriate
credentials for accessing the resource in such a way that no other information
about this user is revealed. The fact that this is at all possible may sound
paradoxical. In this talk, I will explain (some of) the theory of
zero-knowledge proof systems that makes this possible in principle. I will
then describe my work on developing highly practical methods for authentication
without identification.
This talk will be based on joint work with Jan Camenisch.
Bio:
Anna Lysyanskaya is an Assistant Professor of Computer Science at Brown
University. She received an A.B. in Computer Science and Mathematics from Smith
College in 1997, and a Ph.D. in Computer Science and Electrical Engineering
from MIT in 2002. She is a recipient of the NSF CAREER award. Her research
interests are in cryptography, theoretical computer science, and computer
security.
——————————————————————————————————–
This is the second colloquium of Boston University’s Reliable Information
Systems and Cyber Security (RISCS) Center. To receive
notification of future colloquia, send
“subscribe” to riscs-announce-request@cs.bu.edu,
visit http://cs-mailman.bu.edu/mailman/listinfo/riscs-announce,
or contact Prof. Leo Reyzin, reyzin@bu.edu.
——————————————————————————————————–