Requesting Anonymous Certificates

1. Delivering Anonymous CertificatesPresented to: IDTrust2009Presented by: James L. Fisher (jlf@...org)Date: April 16, 2009

2. Requesting Anonymous Certificates Anonymous CA Authorizer (Z) User • Request for anon key pair + cert= f( assignedGroup, Encrz(trueID) ) • Authorization request= f( Encrz(trueID) ) • Decr( Encrz(trueID) ) • Too many requests? • Authorization granted • Generate & sendanon key pair + cert • Has authZ to act • Knows which anon keyssent • Does not know whoreceived them • Checks eligibility • Knows requestor’s ID • Does not know anonkeys sent “Two to collude”

3. Requesting Anonymous Certificates Anonymous CA Authorizer (Z) User • Request for anon key pair + cert= f( assignedGroup, Encrz(trueID) ) • Authorization request= f( Encrz(trueID) ) • Decr( Encrz(trueID) ) • Too many requests? • AuthZn granted • Generate & sendanon key pair + cert • Has authZ to act • Knows which anon keyssent • Does not know whoreceived them • Checks eligibility • Knows requestor’s ID • Does not know anonkeys sent “Two to collude”