- 10.30am, 13 August 2018 – Dr Jinguang Han, University of Surrey
Title: Anonymous Single-Sign-On for n Designated Services With Traceability
Abstract: Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity. This has become more important with the introduction of strong privacy regulations. In this talk, I will introduce a new approach whereby anonymous authentication to different verifiers is achieved via authorisation tags and pseudonyms. The particular innovation of our scheme is that authentication can occur only between a user and its designated verifier for a service, and the verification cannot be performed by any other verifier. The benefit of this authentication approach is that it prevents information leakage of a user’s service access information, even if the verifiers for these services collude. Our scheme also supports a trusted third party who is authorised to de-anonymise the user and reveal her whole service access information if required. Furthermore, our scheme is lightweight because it does not rely on attribute or policy-based signature schemes to enable access to multiple services. The scheme’s security model is given together with a security proof, an implementation and a performance evaluation.
Speaker Bio: Jinguang Han received his Ph.D from University of Wollongong, Australia, in 2013. He currently is a research fellow in Surrey Centre for Cyber Security, Department of Computer Science, University of Surrey, UK. His main research interests include cryptography, access control, privacy-preserving systems and cloud computing. He has served as a program co-chair of ProvSec 2016 and a program committee member of over 50 international conferences. He has published more than 40 research papers in refereed international journals and conferences.