Comment Feed for Channel 9 - Deep Dive into U-Prove Cryptographic Protocols http://ecn.channel9.msdn.com/o9/previewImages/100/531358_100x75.jpg Channel 9 - Deep Dive into U-Prove Cryptographic Protocols In this third and last IdElement installment on the U-Prove CTP series, we once again feature Dr. Stefan Brands, who spends an hour describing the crypto behind U-Prove. Wrapping your head around all the mathematical details may require some effort, but if you are interested in this space it is totally worth it. By the end of the video, you will have a clear understanding of how U-Prove works and how it can truly reconcile security and privacy requirements.If you want to go even deeper, Stefan's book on the topic is freely available on line.Get the CTP here Get the C# edition Get the Java edition en Fri, 24 May 2013 22:24:32 GMT Fri, 24 May 2013 22:24:32 GMT Rev9 Re: Deep Dive into U-Prove Cryptographic Protocols What does prevent the cooperation of the RP and IP to track the user?
The IP could store who requested the token which resulted in {H}sign and report it back to the RP. What am I missing?

posted by enzol

]]> http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634031791710000000 Wed, 03 Mar 2010 02:12:51 GMT http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634031791710000000 enzol Re: Deep Dive into U-Prove Cryptographic Protocols From my understanding they can't cooperate because IP & RP don't know about each other Smiley

posted by ranamauro

]]> http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634031842940000000 Wed, 03 Mar 2010 03:38:14 GMT http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634031842940000000 ranamauro Re: Deep Dive into U-Prove Cryptographic Protocols Well, the RP must know the IP:

1. to verify the signature

2. to be sure that is a well known authority (equivalent of a CA in classical crypto)

From what I understand is the "signature" part that handles this and it is not clear if H is what is actually disclosed to RP or not. If it is I don't see how RP and IP cannot cooperate, but again I might be missing somethig.

posted by enzol

]]> http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634032273480000000 Wed, 03 Mar 2010 15:35:48 GMT http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634032273480000000 enzol Re: Deep Dive into U-Prove Cryptographic Protocols
Please correct me if someone else knows more.

posted by D.R.

]]> http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634305987530000000 Fri, 14 Jan 2011 10:45:53 GMT http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634305987530000000 D.R. Re: Deep Dive into U-Prove Cryptographic Protocols Indeed, U-Prove tokens are obtained using an advanced issuance protocol that results in “unlinkable” public key and issuer signature (these values are randomized by the user in the process). Since the issuer never sees these values, they cannot be used to track the user, even in collusion with the relying party (even if the issuer _is_ the relying party).

The video refers to our first U-Prove CTP. We recently released an update to the CTP, using the same architecture model but with a different client implementation. Details can be found on http://www.microsoft.com/u-prove; I encourage you to take a look at the white paper and the technology overview for more information.

posted by UProveTeam

]]> http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634351322580000000 Mon, 07 Mar 2011 22:04:18 GMT http://channel9.msdn.com/Shows/Identity/Deep-Dive-into-U-Prove-Cryptographic-Protocols#c634351322580000000 UProveTeam