Synopsis

When accessing an online service provider, a user must present evidence that she is authorized to do so. For example, she may be authorized to participate in an on-line game once a day if she has a license to play. On the other hand, users are entitled to privacy, and should we require them to disclose their identities and show their credentials in the clear, their privacy is jeopardized: if a service provider's records are somehow leaked, or aggregated together with other service providers' records, a record of the user's activities will get exposed to the world, violating her privacy. It turns out that the two requirements --- the service provider's need to verify that the user is authorized and the user's need to protect her privacy --- do not contradict each other! What is needed here is an anonymous credential system that would allow a user to prove that she is authorized without revealing her identity, and, further, to obtain additional credentials without revealing additional information. It is also desirable to be able to impose a limit on how many times a credential may be shown, and in what context, and what happens should a user attempt to use an anonymous credential more times than authorized. In this talk, I will explain the cryptographic tools that allow us to construct such anonymous credential systems. This talk will be based on joint work with Mira Belenkiy, Jan Camenisch, Melissa Chase, Susan Hohenberger and Markulf Kohlweiss.

Bio

Anna Lysyanskaya is an Associate Professor of Computer Science at Brown University. She received an A.B. in Computer Science and Mathematics from Smith College in 1997, and a Ph.D. in Computer Science and Electrical Engineering from MIT in 2002. She is a recipient of an NSF CAREER award and a Sloan Foundation fellowship. Her research interests are in cryptography, theoretical computer science, and computer security.