Anonymous attribute certificates based on traceable signatures

Purpose – To provide a cryptographic protocol for anonymously accessing services offered on the web. Such anonymous accesses can be disclosed or traced under certain conditions. Design/methodology/approach – The “traceable signature” scheme was used in conjunction with the “privilege management infrastructure”. Findings – The cryptographic primitive provides a suitable tool for anonymous and unlinkable access to web resources based on the privileges that users hold. Moreover, the scheme allows for anonymity revocation and tracing of unlinkable accesses. Research limitations/implications – The power of the attribute authority should be divided into several entities, one of them being a trusted third party, to avoid illicit disclosing of information. Practical implications – New systems with support for anonymous access to web resources can be developed. Originality/value – This paper adds the unlinkability property to anonymous accesses together with a tracing facility to existing proposals.