Improving Unlinkability of Attribute Based Authentication through Game Theory: VC Use Case

September 9th, 2021

Speaker: Dr Yevhen Zolotavkin is a Research Fellow in the CSCRC and the School of IT, Deakin University

Slides: Slides-Yevhen.ppsx


Date: 8 July 2021 15.00-16.00 AEST

Abstract: We formalise the problem of unlinkable attribute-based authentication in the system where each user possesses multiple assertions and uses them interchangeably. We state that existing definition of unlinkability of the assertions that users submit to Relying Party (RP) to get authenticated is limited. This also does not allow to provide recommendations as for optimal usage of available assertions. To mitigate this issue we use conditional entropy to measure uncertainty for RP who attempts to link observed assertions to user labels. Conditional entropy is the function of usage statistics for all assertions in the system. Personal decisions made by the users about usage of assertions contribute to this statistics. This collective effect from all the users impacts unlinkability of authentication and must be studied using game theory. We particularize several instances of the game where context information that is provided to the users differs. Through game theory and based on conditional entropy we demonstrate how each user optimizes usage for the personal set of assertions. In the experiment we substantiate advantage of the proposed rational decision making approaches: unlinkability that we obtain under Nash equilibrium is higher than in the system where users authenticate using their assertions at random. We finally propose an algorithm that calculates equilibrium and assists users with the selection of assertions. This manifests that described techniques can be executed in realistic settings. This does not require modification of existing authentication protocols and can be implemented in platform-independent identity agents. As a use case, we describe how our technique can be used in Digital Credential Wallets (DCW): we suggest that unlinkability of authentication can be improved for Verifiable Credentials (VC).

Bio: Yevhen Zolotavkin is a Research Fellow in the CSCRC and the School of IT, Deakin University. Prior to that, between the years 2016 and 2019, he was a Research Fellow with the Faculty of IT at Monash University, Clayton. Since 2011, he worked at the School of Information Sciences, University of Tampere, Finland, where he defended his PhD in Information and Systems in 2015. He received his Candidate of Sciences degree at National Aviation University, Kyiv, Ukraine in 2010.