Rethinking accountable privacy supporting services

Abstract

As privacy concerns among consumers rise, service providers will increasingly want to provide services that support privacy enhancing technologies. At the same time, providers of commercial services require the security of identifying misbehaving users. For instance, users that do not pay their bill can be held accountable for their behavior. We propose a scheme that permits privacy support while retaining accountability. In our proposed scheme an honest user may enjoy full anonymity, but dishonest users who do not pay their bill have their identity revealed. In contrast to existing revocable anonymity systems, our proposed scheme requires less trust in an external authority, while simultaneously making accountability easier (and less costly) to achieve. We contribute the concept of a time capsule, that is, a verifiable encryption with timed and revocable decryptability. Copyright 2008 ACM.