Practical anonymous authentication - Designing anonymous authentication for everyday use

We use authentication services many times a day. Without user authentication, it would be impossible to use email accounts, discussion boards, e-banking or even electronic communication. On the other hand, we release a lot of personal information during every authentication process. Our login can be linked to used services and assets by service providers. The frequency of usage and therefore the map of our behaviour on the Internet can be created to make more focused advertisement, to track us or even to steal our electronic identity. The goal of this paper is to state the requirements and provide the initial design for an anonymous authentication scheme which prevents the leakage of private information. The new scheme, to be widely acceptable, must be beneficial for both users and service providers, who implement the authentication systems. Therefore we claim that the new authentication system must provide a feature for revealing dishonest users. These users can be eventually deanonymized and charged for damages. We provide such a responsibility-protecting feature in our scheme. We also compare our scheme design with current anonymous authentication schemes and provide initial performance results from our smart-card implementation.