ANONYMOUS PUBLIC-KEY CERTIFICATES AND THEIR APPLICATIONS

In this paper a public key certification scheme, which protects privac y of user of the public key certificate, is proposed. in the proposed scheme a certification authority issues anonymous public key certifica tes, with which a certificate user having his/her own secret key can m ake use of public key cryptography and a certificate verifier can conf irm the authenticity of the cryptographic communication of the certifi cate user. The anonymity of their users is preserved against the verif ier. In general, user's activities should not be linked each other fro m the viewpoint of privacy protection. The use of the same certificate results in the linkage of the cryptographic communications. So, ideal ly, a certificate should be used only once, and such a certificate is called a one-time certificate. In the proposed scheme one-time certifi cates are realized with low cost of communication and computation for the certificate user. Multiple certificates can be issued without inte raction between CA and the user. The additional computation of the use r to obtain a new anonymous public key certificate is one modular expo nentiation. In addition, only one secret key is required for multiple certificates. Therefore, the proposed scheme is useful for application s which require anonymity, unlinkability, and efficiency.