[Busec] busec this week: Foteini Baldimtsi (Wednesday 9:45am)

Sharon Goldberg goldbe at cs.bu.edu
Sun Mar 2 15:27:08 EST 2014

This week, on Wednesday at 9:45am, we have a BUsec seminar on anonymous
credentials by Foteini Baldimtsi from Brown.  Lunch will be at 12:15,
following the CS colloquium by Barna Saha from 11-12:15.

Note the unusual time of the talk and lunch!!!

The following week is March break, so we will not have seminar.The week
after that, there is a CS colloquium by Andrew Bittau from Stanford, at
11am on Wednesday March 19.

See you there,


 BUsec Calendar:  http://www.bu.edu/cs/busec/
 BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec
 How to get to BU from MIT: The CT2 bus or MIT's "Boston Daytime Shuttle"


Anonymous Credentials Light.
Foteini Baldimtsi. Brown.
Wed, March 5, 9:30am - 11:00am
MCS137 @ 111 Cummington St Boston MA

Abstract: Anonymous credential systems allow users to obtain and
demonstrate possession of digital credentials in order to authenticate
themselves in a privacy-preserving manner. When proving possession of a
credential a user reveals only the minimum amount of information
(attributes) required while the transactions to obtain and prove
credentials are unlinkable to each other.

In this talk we propose an efficient and provably secure (in the RO model)
anonymous credential scheme called "Anonymous Credentials Light"[BL'13a].
Our scheme is unlinkable under the decisional Diffie-Hellman assumption,
and unforgeable under the Discrete-Logarithm assumption for sequential
composition. In contrast to prior provably secure anonymous credential
schemes that were based on the RSA group or on groups with pairings our
construction only requires a few exponentiations in a prime-order group in
which the decisional Diffie-Hellman problem is hard and thus, is very
efficient even for lightweight devices. The only prior construction with
similar efficiency is the one due to Stefan Brands, however, as I will
briefly mention, we have shown that Brands scheme cannot be proven
unforgeable in the RO model under any intractability assumption [BL13b].
For our scheme, we define a new cryptographic building block, called "blind
signatures with attributes", and discuss how it can be used in combination
with a commitment scheme to directly get an anonymous credential system.
Finally, I will briefly explain how one can construct electronic cash with
attributes from our new building block and how it can be used for efficient
payments in public transportation.

[BL13a] "Anonymous Credentials Light", Foteini Baldimtsi and Anna
Lysyanskaya, ACM-CCS 2013.
[BL13b] "On the Security of One-Witness Blind Signature Schemes", Foteini
Baldimtsi and Anna Lysyanskaya, ASIACRYPT 2013.


CS Colloquium: Andrea Bittau. Stanford.
Wednesday March 19, 11:00am - 12:15pm
Hariri Institute, MCS180

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20140302/adf229ff/attachment.html>

More information about the Busec mailing list