Deakin University

Improving Unlinkability of Attribute-based Authentication through Game Theory

Version 2 2024-06-05, 06:26
Version 1 2022-03-09, 17:59
journal contribution
posted on 2024-06-05, 06:26 authored by Yevhen Zolotavkin, Jay Jeong, Veronika Kuchta, Maksym Slavnenko, Robin Ram Mohan Doss
This article first formalizes the problem of unlinkable attribute-based authentication in a system where each user possesses multiple assertions and uses them interchangeably. Currently, there are no recommendations for optimal usage of assertions in such authentication systems. To mitigate this issue, we use conditional entropy to measure the uncertainty for a Relying Party who attempts to link observed assertions with user labels. Conditional entropy is a function of usage statistics for all assertions in the system. Personal decisions made by the users about the usage of assertions contribute to these statistics. This collective effect from all the users impacts the unlinkability of authentication and must be studied using game theory. We specify several instances of the game that differ in the context information provided to the users. Through game theory and based on conditional entropy, we demonstrate how each user optimizes usage for the personal set of assertions. In the experiment, we substantiate the advantage of the proposed rational decision-making approaches: the unlinkability that we obtain under Nash equilibrium is higher than in a system where users authenticate using their assertions at random. We finally propose an algorithm that calculates the equilibrium and assists users with the selection of assertions. This demonstrates that the described techniques can be executed in realistic settings. The approach does not require modification of existing authentication protocols and can be implemented in platform-independent identity agents. As a use case, we describe how our technique can be used in Digital Credential Wallets: we suggest that unlinkability of authentication can be improved for Verifiable Credentials.

Funding

Privacy Respecting and Compliant Digital Credential wAlleT (PRCDCATT) | Funder: Cyber Security Research Centre Limited | Grant ID: C13-00230

History

Journal

ACM Transactions on Privacy and Security

Volume

25

Article number

12

Pagination

1-36

Location

New York, N.Y.

Open access

  • Yes

ISSN

2471-2566

eISSN

2471-2574

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Issue

2

Publisher

Association for Computing Machinery (ACM)
