Informatik, TU Wien

Privacy-friendly Authentication

The recent rise in phishing and identity theft attacks have made it widely acknowledged that Internet requires strong authentication mechanisms.

The recent rise in phishing and identity theft attacks have made it widely acknowledged that Internet requires strong authentication mechanisms. At the same time, identity information becomes available digitally, ranging from electronic identity cards to mobile phone based. The foreseen wide use of strong electronic authentication reminds one of an Orwellian society. Indeed, it is also being recognized that the protection of people's privacy in a digital world is paramount, not only because it being an fundamental right but also as a security requirement as the fewer personal data is available the harder it is to use it for fraudster.

In this talk we will discuss privacy-enhancing identity technologies that allow for any degree of authentication from complete anonymity to full identification. We will further discuss their role in the upcoming federated identity frameworks. Finally, we give an outlook on future research.