Enhancing user privacy in federated eID schemes

Kris Shrishak, Zekeriya Erkin, Remco Schaar

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

1 Citation (Scopus)


Numerous services are being offered over the Internet and require identification of users as in face-to-face interactions. To simplify the authentication procedure and reduce the need to manage multiple credentials to access services, electronic identification (eID) schemes have been introduced that involve many service providers (SPs) and identity providers (IDPs) which verify the identity of users and facilitate the user to authenticate him/herself to SPs. In federated eID schemes, IDPs store identifiable user information (attributes), often with a unique ID, and attest on these attributes to SPs. In this work, we address the privacy concerns of storing user attributes at the IDP which allows the IDP to profile the user's behaviour and activities. We propose to store the attributes in a privacy friendly manner so that they cannot be directly linked to a particular user even if the data is leaked. Then we incorporate private information retrieval (PIR) in the usual authentication flow of federated eID scheme so that the IDP can perform its role of authenticating and managing the user's identity without turning into a privacy hotspot. Finally, through a proof-of-concept implementation we show a practical variant of our scheme in which the IDP, with millions of users, partitions its database.

Original languageEnglish
Title of host publication2016 8th IFIP International Conference on New Technologies, Mobility and Security ( NTMS)
EditorsM. Badra, G. Pau, V. Vassiliou
Place of PublicationPiscataway
Number of pages5
ISBN (Electronic)978-1-5090-2914-3
ISBN (Print)978-1-5090-2915-0
Publication statusPublished - 22 Dec 2016
Event8th IFIP International Conference on New Technologies. Mobility and Security, NTMS - Larnaca, Cyprus
Duration: 21 Nov 201623 Nov 2016


Conference8th IFIP International Conference on New Technologies. Mobility and Security, NTMS
Abbreviated titleIFIP NTMS 2016


  • Electronic identification
  • Homomorphic encryption
  • Privacy
  • Private information retrieval


Dive into the research topics of 'Enhancing user privacy in federated eID schemes'. Together they form a unique fingerprint.

Cite this