Authentication without Identification: from Theory to Practice
Anna Lysyanskaya, Informations Systems Dept., SMG, Boston University
Monday, December 19, 3:10 PM, MCS 135
Suppose that we have a valuable on-line resource (for example, an on-line library), and a whole bunch of people authorized to access various sections of this resource (for example, some people have subscribed to the fiction section of the library, while others have subscribed to the biography section.) How does the resource verify that a given user is authorized to access the requested section?
One approach to resolving this issue is to first find out who the user is, and then check which sections this user is authorized to access. Some users, in the context of certain types of resources, may find this unacceptable from the privacy point of view: they may not feel comfortable communicating who they are every time that they need to access an on-line resource!
Another approach would be to verify that the user has the appropriate credentials for accessing the resource in such a way that no other information about this user is revealed. The fact that this is at all possible may sound paradoxical. In this talk, I will explain (some of) the theory of zero-knowledge proof systems that makes this possible in principle. I will then describe my work on developing highly practical methods for authentication without identification.
This talk will be based on joint work with Jan Camenisch.
Bio:
Anna Lysyanskaya is an Assistant Professor of Computer Science at Brown
University. She received an A.B. in Computer Science and Mathematics from Smith
College in 1997, and a Ph.D. in Computer Science and Electrical Engineering
from MIT in 2002. She is a recipient of the NSF CAREER award. Her research
interests are in cryptography, theoretical computer science, and computer
security.
Host: Leo Reyzin