ABC4Trust logo

ABC4Trust is an EU-funded research initiative that uses cryptographic technologies to provide better protection of privacy and identity on the Internet.

Who can I contact?

Dr. Pascal Paillier

Pascal Paillier, PhD

CEO, Senior Security Expert

 

Schedule

Start:November 1, 2011
End:October 31, 2014

Links

Budget

Total cost of €13,59 Million (€8.85 Million EU-funded)

11 Partners

Events

  • 4th General Meeting, from Wednesday 25th of January, 2012 until Friday 27th of January, 2012

Related technology

Embedded Cryptographic Libraries

Give us the instruction set of your microcontroller and we do the rest.

We have more than 16 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software can be declined on a variety of hardware platforms and support standard and advanced cryptographic algorithms.

Details

Related services

Cryptographic Protocols

Security by design is not an abstract concept.

Beware of alleged "military grade secure" products. It is one thing to use AES-256 or RSA-4096, using it correctly is a different kettle of fish.
We can help you build innovative products that require any standard or advanced cryptographic tools, such as elliptic curves, identity-based encryption, anonymous signatures, e-cash, DRM, Pay-TV and many others.

Details

Standardization

Opening the way to mid-term cryptography revolutions.

ISO/IEC SC 27 is the arena where international crypto standards are conceived. We work within ISO for a world that offers better security and better privacy to the global industry, gov-related institutions and above all, to users.

Details

Related research projects

LYRICS

Protecting user privacy on NFC-enabled mobile phones.

A personal data breach may, if left unaddressed in an adequate and timely manner, result in a substantial economy loss and social harm. A breach should be considered as adversely affecting the data or privacy of a subscriber or service user when it can result in, for example, a confidentiality breach, discrimination, unwanted exposure, loss of control, unauthorized commercial solicitations or damage to reputation. Innovative crypto can help.

Details

KISS

The Smart Cloud approach: database-supporting smartcards securely operated through the Cloud.

The KISS research initiative introduces the concept of Smart Cloud, whereby end users carry secure tokens managing their personal data instead of relying on cloud storage. Through a variety of innovative cryptographic technologies, a Smart Cloud also supports data federation and aggregation such as statistics, but in a built-in, privacy-respecting way.

Details

Everyday citizens access thousands of different Internet services, such as online banking, e-shopping, and social networks. For virtually every service, users have to create a personal user profile and get access to the service after a login via username and password. This means that the user is linked to the transaction, which is undesirable. Disclosing more information than necessary not only harms users’ privacy but also increases the risk of abuse of information - such as identity theft - if personal information falls into the wrong hands.

European Research Consortium to Pilot Digital Privacy Solutions at University and Secondary School

The goal of ABC4Trust is to show that systems of Attribute-Based Credentials can support both secure authentication as well as privacy, for instance in connection with electronic ID cards (eID), computer-supported polls, surveys, etc. ABC4Trust aims to establish an overall architecture and a common platform for existing ABC systems and to test these in a number of pilot tests.

The contribution of CryptoExperts includes a smartcard implementation of the different cryptographic building blocks, a comparison of the specific offerings from IBM (IdentityMixer) and Microsoft (U-Prove) in terms of portability and efficiency, and leading the development of a common open architecture for ABC solutions.

The ABC4Trust consortium is coordinated by “Chair of Mobile Business & Multilateral Security” at Goethe University in Frankfurt and brings together leading companies, European universities, and other partners to deploy in practice privacy and identity management technology.

OBJECTIVES AND EXPECTED OUTCOMES

The ABC4Trust project has two research objectives:

  1. to define a common, unified architecture for ABC systems to allow comparing their respective features and combining them on common platforms, and
  2. to deliver open reference implementations of selected ABC systems and deploy them in actual production pilots. This will allow provably accredited members of restricted communities to provide anonymous feedback on their community or its members.

TECHNOLOGY CONVERGENCE

The four-year project will test privacy-preserving Attribute-Based Credentials (ABC) that allow the user to prove just the required information, without giving away a full identity.

The ABC system will make use of the two privacy-respecting technologies, IBM’s Identity Mixer and Microsoft’s U-Prove.

IBM Identity Mixer and Microsoft U-Prove use sophisticated, yet efficient, cryptographic algorithms to help ensure that an individual’s real identity, including personal attributes and behavior profiles, are never exposed to a service provider without the individual’s consent.

This technology is suitable for a wide range of applications, including insurance, healthcare services, online shops or credit cards. The technologies and its inventors have received several awards; in particular, they jointly received the Best Innovation European Identity Award 2010.

With ABC4Trust, Identity Mixer and U-Prove will be truly interoperable with the help of Nokia Siemens Networks’ IDM Solution being the party that integrates with both.

TWO TEST SITES

Patras University in Greece and Norrtullskolan secondary school in So”derhamn, Sweden, are selected as pilot sites for testing privacy-enabling technology to be used for school portals and electronic evaluation of university courses.

In both pilots ABC4Trust will allow each education facility to issue credentials to its users, including pupils, parents and students, enabling them to, prove that they have attended a certain class, are members of a specific group such as a sports team, or have a given sex or age.

When the digital credentials are stored on a smartcard or mobile phone, users may use them for authenticating towards services. At the Patras pilot, the university will be able to run its own computerized feedback system and students can take comfort in knowing that ABC4Trust is protecting their identity.

BUSINESS PERSPECTIVES

As electronic personal identification cards and electronic driving licenses are becoming more widespread for identification, authentication, and payment in a broad range of applications, the users’ privacy will become an even greater challenge.

Privacy technologies, such as the ones piloted in ABC4Trust, will be necessary for building sustainable privacy solutions into these systems.

With ABC4Trust, communication service providers will be in a very good position to offer a better customer experience by providing advanced user-centered Identity Management (IdM) functionality.

Related publication

  • Integrating Anonymous Credentials with eIDs for Privacy-Respecting Online Authentication.
    Ronny Bjones, Ioannis Krontiris, portrait ofPascal Paillier, Kai Rannenberg.
    In APF 2012, pp. 111-124, 2012.