30C3: The Gospel of IRMA (EN)
For more information and to download the video visit: http://bit.ly/30C3_info
Playlist 30C3: http://bit.ly/30c3_pl
Speaker: Jaap-Henk Hoepman
Attribute Based Credentials (ABC) allow users to prove certain properties about themselves (e.g. age, race, license, etc.) without revealing their full identity. ABC are therefore important to protect the privacy of the user. The IRMA (I Reveal My Attributes) project of the Radboud University Nijmegen has created the first full and efficient implementation of this technology on smart cards. This allows ABC technology to be used in practice both on the Internet as well as in the physical world. We will discuss ABCs in general, the IRMA system, it's advantages and pitfalls, and future work.
Attribute Based Credentials (ABC) allow users to prove certain properties about themselves (e.g. age, race, license, etc.) without revealing their full identity. They provide unlinkability, both between issuance of the credential and subsequebtly proving ownership of the credential, as well as between subsequent ownership proces at a service provider. This makes it impossible to track a user as she uses her credentials on the web. This makes ABCs a powerful privacy enhancing technology.
Smart cards are an appealing container to store such credenentials: they are secure, and can be caried by the user in an ordinary wallet. However, ABC use complex cryptography to achieve their privacy preserving properties, thus far evading efficient implementations on such smart cards. The IRMA (I Reveal My Attributes) project of the Radboud University Nijmegen (together with SURFnet and TNO) has created the first full and efficient implementation of this technology on smart cards. The implementation is based on the Idemix technology orginally developed by IBM. The smart card is contactless, to allow NFC enabled smart phones and tablets as readers. This makes it easy to use IRMA cards on the web, or to prove credentials in a small shop on the tablet owned by the shopkeeper.
