| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 | <!-- HTML header for doxygen 1.8.10--><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/><meta http-equiv="X-UA-Compatible" content="IE=9"/><meta name="generator" content="Doxygen 1.8.11"/><title>Intel® Enhanced Privacy ID SDK: In-Depth Explanation of Basenames</title><link href="tabs.css" rel="stylesheet" type="text/css"/><script type="text/javascript" src="jquery.js"></script><script type="text/javascript" src="dynsections.js"></script><link href="navtree.css" rel="stylesheet" type="text/css"/><script type="text/javascript" src="resize.js"></script><script type="text/javascript" src="navtreedata.js"></script><script type="text/javascript" src="navtree.js"></script><script type="text/javascript">  $(document).ready(initResizable);  $(window).load(resizeHeight);</script><link href="doxygen.css" rel="stylesheet" type="text/css" /><link href="epidstyle.css" rel="stylesheet" type="text/css"/></head><body><div id="top"><!-- do not remove this div, it is closed by doxygen! --><div id="titlearea"><table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;">  <td id="projectalign" style="padding-left: 0.5em;">   <div id="projectname"><a                             onclick="storeLink('index.html')"                            id="projectlink"                             class="index.html"                             href="index.html">Intel® Enhanced Privacy ID SDK</a> <span id="projectnumber">3.0.0</span></div>  </td> </tr> </tbody></table></div><!-- end header part --><!-- Generated by Doxygen 1.8.11 --></div><!-- top --><div id="side-nav" class="ui-resizable side-nav-resizable">  <div id="nav-tree">    <div id="nav-tree-contents">      <div id="nav-sync" class="sync"></div>    </div>  </div>  <div id="splitbar" style="-moz-user-select:none;"        class="ui-resizable-handle">  </div></div><script type="text/javascript">$(document).ready(function(){initNavTree('Basenames.html','');});</script><div id="doc-content"><div class="header">  <div class="headertitle"><div class="title">In-Depth Explanation of Basenames </div>  </div></div><!--header--><div class="contents"><div class="textblock"><p>This in-depth explanation covers the use of basenames in the Intel® EPID scheme. It provides detail on name based signatures, random base signatures and how and when they are used.</p><p><br /></p><h1><a class="anchor" id="random_base"></a>Random Base Signatures</h1><p>By default, members sign using a random basename that is not shared with the verifier. This signing method is also referred to as signing using random base. Signing using random base provides the strongest privacy properties for the signer. If a member signs using random base, the signature generated by the member is anonymous.</p><p>When the signer and verifier agree to use random base, the basename is chosen at random for each signature. Two signatures using a random base cannot be linked to the same signer.</p><h1><a class="anchor" id="name_based"></a>Name Based Signatures</h1><p>A name based signature is a type of signature that gives the verifier the ability to link Intel® EPID signatures from the same member, reducing the member's privacy. When using name based signatures, the signer and verifier agree on an explicit basename.</p><p>The verifier can ask the member to sign a message with a basename that the verifier chooses. If the member agrees to use a name based signature, then all the signatures created by the member using the same basename are linkable by the verifier, reducing the member's privacy.</p><p>Reasons why a verifier might require members to use a basename when signing include the following:</p><ul><li><b>Profiling for Advertising</b> Widget-Mart wants to show targeted advertising to privacy-conscious customers. Widget-Mart requests that all customers use a specific basename so that Widget-Mart can build an individualized profile for each anonymous user, while Intel® EPID technology ensures that the retailer does not have the ability to aggregate that information with other retailers to build a more extensive profile of the consumer.</li><li><b>Voting</b> A voting machine is designed so that each anonymous authorized voter can only vote once per race. A basename per office being contested allows the verifier to confirm that the voter has not already voted for that office, without revealing their identity or correlating their voting patterns across multiple races.</li></ul><dl class="section warning"><dt>Warning</dt><dd>The use of a name-based signature creates a platform unique pseudonymous identifier. Because it reduces the member's privacy, the user should be notified when it is used and should have control over its use. </dd></dl></div></div><!-- contents --></div><!-- doc-content --><!-- HTML footer for doxygen 1.8.10--><!-- start footer part --><div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->  <ul>    <li class="footer">      © 2016 Intel Corporation    </li>  </ul></div></body></html>
 |