VeryIDX - A Digital Identity Management System for Pervasive Computing Environments


The problem of identity theft, that is, the act of impersonating others’ identities by presenting stolen identifiers or proofs of identities, has been receiving increasing attention because of its high financial and social costs. In this paper we address such problem by proposing an approach to manage user identity attributes by assuring their privacy-preserving usage. The approach is based on the concept of privacy preserving multi-factor authentication achieved by a new cryptographic primitive which uses aggregate signatures on commitments that are then used for aggregate zero-knowledge proof of knowledge (ZKPK) protocols. We present the implementation of such approach on Nokia NFC cellular phones and report performance evaluation results.


identity theft, stolen identifiers, user identity attributes, privacy-preserving, multi-factor authentication, cryptographic primitive, aggregate signatures, knowledge (ZKPK) protocols

Date of this Version



Software Technologies for Embedded and Ubiquitous Systems Lecture Notes in Computer Science, 2008, Volume 5287/2008, 268-279