Dr Antonio Skarmeta and Dr Jorge Bernal Bernabe, University of Murcia, Spain, chart a European research project, OLYMPUS, that addresses the challenges associated with the use of a privacy-preserving identity management solution.
OLYMPUS is a European research project addressing the challenges associated with the use of privacy-preserving identity management solutions by establishing a new interoperable European identity management framework, based on novel and disruptive cryptographic approaches applied to currently deployed identity management technologies.
In particular, OLYMPUS employs distributed cryptographic techniques to split up the role of the online IDP over multiple authorities so that no single authority can impersonate or track its users.
At first sight, privacy and strong identity seem inherently at odds with each other. Indeed, if users are strongly identified during a transaction, then privacy is non-existent. Nevertheless, there exist mechanisms that can reconcile privacy and strong identity, either by trusting an online identity provider (IDP), or by using cryptographic mechanisms such as anonymous credentials.
The former approach, made popular by technologies such as SAML, OpenID Connect and Facebook Connect, has the disadvantage that the IDP forms a single point of failure in terms of privacy and security, because it can impersonate and track its users online. The latter approach has the disadvantage that users have to rely on trusted hardware, such as smartcards, to protect credentials from compromise and illegitimate sharing.
OLYMPUS is taking a radically new approach, offering the seamless user experience of online IDPs but without their drawbacks. Namely, OLYMPUS pioneers the concept of distributed oblivious identity management, where the role of the IDP is split over multiple authorities so that no single authority can track or impersonate its users. By exploiting advanced techniques based on threshold cryptography, the OLYMPUS framework lets users maintain unlinkable identities with different service providers while using standard devices and a single password or biometric.
By leveraging existing eID solutions to create a strong link to physical identities, and by integrating into existing frameworks to ease adoption by service providers, OLYMPUS establishes a secure and interoperable European identity management framework. Its practical feasibility and relevance will be demonstrated in two pilots. The first combines the framework with soft identity proofs to build a mobile driver license application that can be used for offline purchases of restricted goods. The second use case will leverage pseudonymous identification in the financial world to simplify online credit application.
The Olympus Approach
OLYMPUS distributes the traditional identity provider functionality among different entities, named virtual identity providers (vIdPs). Once the user has enrolled with the IdP, whenever they wish to sign on to a service at a relying party they execute a protocol with the vIdPs, which results in the user obtaining a one-time, privacy-preserving token that can be presented to the relying party. The relying party can then verify the token and accept it, as long as it trusts the identity provider(s). An attacker wanting to construct fake sign-on tokens or to brute-force a user’s password would need all the vIdPs to collude, which minimises the risk of identity theft.
The private signing key is shared among the vIdPs: each of them can compute a partial signature, and those partial signatures are then combined by the user’s software (e.g. on a mobile device), which is the only party that sees all of them. The signature resulting from the combination is a standard one (e.g. a SAML or OpenID assertion) and can be verified by parties that are unaware it was constructed with a threshold signature scheme.
The Olympus framework takes its point of departure in the notion of threshold cryptography, a type of cryptography in which secrets and other cryptographic material are shared between several parties. The sharing works in such a way that knowing fewer than all of the shares gives no information away about the secret. It is this idea that makes it possible to achieve enhanced security by using a set of vIdPs rather than a single one. In addition, OLYMPUS leverages privacy enhancing technologies (PETs), such as privacy-preserving attribute-based credentials (p-ABC), so that the ABC credentials and cryptographic material are managed in a distributed way by several vIdPs.
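To make the key-sharing idea above concrete, here is an added illustration written for this article (it is not OLYMPUS code and does not reproduce the project's actual scheme). It uses the simplest instance of threshold RSA: the private exponent is split additively across the vIdPs (an n-of-n sharing, so every vIdP must take part), each vIdP raises the message digest to its own share, and the user's device multiplies the partial signatures together. The result is an ordinary RSA signature that a relying party checks with the public key alone. Textbook RSA without padding and the small Mersenne-prime modulus are simplifications chosen for readability; the token string is a constructed sample.

```python
"""Added example: n-of-n threshold RSA signing across several vIdPs.
Illustrative code written for this article, not OLYMPUS project code.
Simplifications: textbook RSA (no padding), additive key sharing, and
a small modulus built from two Mersenne primes so the arithmetic is
easy to follow; a deployment would use a 2048-bit or larger modulus."""
import hashlib
import secrets

P = 2**31 - 1                  # Mersenne prime (known prime, chosen for readability)
Q = 2**61 - 1                  # Mersenne prime
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)            # full private exponent; in OLYMPUS no single vIdP ever holds it


def split_key(d, n_vidps, phi=PHI):
    """Additively share d so that d_1 + ... + d_n == d (mod phi).
    Any set of fewer than all shares is uniformly random and says nothing about d."""
    shares = [secrets.randbelow(phi) for _ in range(n_vidps - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def message_digest(msg, n=N):
    """Hash the assertion and map it into Z_N (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def partial_sign(share, msg, n=N):
    """What one vIdP computes using only its own key share."""
    return pow(message_digest(msg, n), share, n)


def combine(partials, n=N):
    """The user's device multiplies the partial signatures together."""
    sig = 1
    for s in partials:
        sig = (sig * s) % n
    return sig


def verify(sig, msg, e=E, n=N):
    """A relying party verifies a plain RSA signature; it cannot tell it was assembled from shares."""
    return pow(sig, e, n) == message_digest(msg, n)


def demo(n_vidps=3):
    # Constructed sample assertion; a real token would be a SAML or OpenID assertion.
    token = b"sub=pseudonym-7f3a;aud=relying-party.example;exp=1700000000"
    shares = split_key(D, n_vidps)
    partials = [partial_sign(s, token) for s in shares]
    full = combine(partials)
    # All but one vIdP colluding still cannot produce a verifiable signature.
    minority = combine(partials[:-1])
    return {
        "full_valid": verify(full, token),
        "minority_valid": verify(minority, token),
        "same_as_single_key_signature": full == pow(message_digest(token), D, N),
    }


if __name__ == "__main__":
    print(demo())
```

The last field of `demo()` shows the property the text relies on: the combined signature is bit-for-bit the signature the undivided key would have produced, so existing SAML or OpenID Connect verifiers need no change. A real deployment would also have the vIdPs check the user's password share before signing, which this example omits.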
Olympus Evaluation in use cases
The Olympus oblivious IdM framework can be applied in many scenarios, thereby strengthening users’ privacy in different contexts, either online or offline (e.g. face-to-face authentication processes).
Namely, OLYMPUS is currently being evaluated in two use cases:
Mobile Driver License: This use case demonstrates how Olympus increases privacy control for users wishing to buy an age-restricted good or service (for example, a bottle of wine), using the mobile Driver’s License (mDL), ISO 18013-5, an electronic version of one’s ID document held on a mobile device. This approach strengthens citizen privacy because, instead of disclosing the full dataset of the mDL, the user may share only the appropriate information about age, using zero-knowledge cryptographic proofs that they are older or younger than a certain age.
The mDL use case is designed to assist privacy preservation during face-to-face ID verification. In this way, the mDL is seen as a catalyst in facilitating the daily and practical implementation of data protection laws requiring data minimisation, such as the EU General Data Protection Regulation (GDPR).
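The data-minimisation step described above can be shown without any zero-knowledge machinery, so here is an added illustration written for this article (not OLYMPUS or ISO code) of the salted-digest selective disclosure pattern that the ISO 18013-5 mdoc format is built on: the issuer commits to each attribute with its own random salt and signs only the list of digests, and the holder later reveals just the requested attribute and its salt. The attribute names, the issuer key and the HMAC standing in for the issuer's public-key signature are assumptions made for this example.

```python
"""Added example: selective disclosure of mDL attributes via salted digests,
modelled loosely on the ISO 18013-5 mdoc pattern. Illustrative code written
for this article, not OLYMPUS or ISO code. The issuer signature is stood in
for by an HMAC under a key the verifier is assumed to share; a real mDL
carries an issuer public-key signature instead."""
import hashlib
import hmac
import json
import secrets

ISSUER_KEY = b"issuer-key-for-illustration-only"  # constructed stand-in for the issuer signing key


def _digest(salt, value):
    """Commit to one attribute: SHA-256 over (random salt || canonical JSON of the value)."""
    return hashlib.sha256(salt + json.dumps(value, sort_keys=True).encode()).hexdigest()


def issue_mdl(attributes):
    """Issuer: salt and digest every attribute, then sign only the digest list."""
    items, digests = {}, {}
    for name, value in attributes.items():
        salt = secrets.token_bytes(16)
        items[name] = {"salt": salt.hex(), "value": value}
        digests[name] = _digest(salt, value)
    signed_digests = json.dumps(digests, sort_keys=True).encode()
    return {
        "items": items,
        "signed_digests": signed_digests,
        "issuer_sig": hmac.new(ISSUER_KEY, signed_digests, "sha256").hexdigest(),
    }


def present(mdl, disclose):
    """Holder: release only the requested attributes (with their salts) and the signed digest list."""
    return {
        "items": {k: mdl["items"][k] for k in disclose},
        "signed_digests": mdl["signed_digests"],
        "issuer_sig": mdl["issuer_sig"],
    }


def verify_presentation(pres):
    """Verifier: check the issuer signature, then recompute each disclosed digest."""
    expected = hmac.new(ISSUER_KEY, pres["signed_digests"], "sha256").hexdigest()
    if not hmac.compare_digest(pres["issuer_sig"], expected):
        raise ValueError("issuer signature invalid")
    digests = json.loads(pres["signed_digests"])
    verified = {}
    for name, item in pres["items"].items():
        if _digest(bytes.fromhex(item["salt"]), item["value"]) != digests.get(name):
            raise ValueError(f"attribute {name} does not match the issuer's digest")
        verified[name] = item["value"]
    return verified


def demo():
    # Constructed sample licence; only the age flag reaches the shop.
    mdl = issue_mdl({
        "family_name": "Doe",
        "given_name": "Jane",
        "birth_date": "1990-05-01",
        "document_number": "X1234567",
        "age_over_18": True,
    })
    return verify_presentation(present(mdl, ["age_over_18"]))


if __name__ == "__main__":
    print(demo())
```

Note what the verifier still sees in this scheme: the same signed digest list and issuer signature on every presentation, which makes presentations linkable across verifiers even though no extra attribute leaks. That linkability is the gap that the p-ABC credentials and zero-knowledge age proofs mentioned in the text are there to close.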
Credit File: This use case is intended to showcase how Olympus improves privacy capabilities in current online platforms where SMEs, the self-employed and legal or natural persons can create and manage their credit file and their standardised rating for financial entities. Usually, the financial entity requires the user’s identification, access to external databases to collect and validate customer data, and a credit risk evaluation, followed, if credit is granted, by the establishment of a contractual credit relationship.
The anonymisation of financial information achieved thanks to OLYMPUS prevents prospective financial entities from accessing the user’s personal data before an actual contractual relationship exists. Thus, OLYMPUS allows the exchange of only the minimal required information until the financial entity approves the request, so that neither the IdPs nor the SP can trace users or learn anything about the individual, in full compliance with the EU GDPR.
Olympus has received funding from European Union’s Horizon 2020 Programme, under Grant Agreement No. 786725.
*Please note: This is a commercial profile