Crypto-Book

John Maheswaran, David Isaac Wolinsky, Bryan Ford
2013 Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks - HotNets-XII  
Through cross-site authentication schemes such as OAuth and OpenID, users increasingly rely on popular social networking sites for their digital identities-but use of these identities brings privacy and tracking risks. We propose Crypto-Book, an extension to existing digital identity infrastructures that offers privacy-preserving, digital identities through the use of public key cryptography and ring signatures. Crypto-Book builds a privacy-preserving cryptographic layer atop existing social
more » ... work identities, via third-party key servers that convert social network identities into public/private keypairs on demand. Using linkable ring signatures, these keypairs along with the public keys of other identities create unique pseudonyms untraceable back to the owner yet can resist anonymous abuse. Our proof-of-concept implementation of Crypto-Book creates public/private key pairs for Facebook users, and includes a private key pickup protocol based on E-mail. We present Black Box, a case study application that uses Crypto-Book for accountable anonymous whistle-blowing. Black Box allows users to sign files deniably using ring signatures, using a list of arbitrary Facebook users -who need not consent or even be aware of this use -as an explicit anonymity set.
doi:10.1145/2535771.2535798 dblp:conf/hotnets/MaheswaranWF13 fatcat:prbtc4gfmfchffrnxq5335xyxy