Mutual Restricted Identification


          Lucjan Hanzlik, Kamil Kluczniak, Lukasz Krzywiecki, Miroslaw Kutylowski 
                               Wroclaw University of Technology


We extend idea of Restricted Identification deployed in personal identity documents in Germany. 
Our protocol, Mutual Restricted Authentication (MRI for short), is designed for direct anonymous
authentication between users who belong to the same  domain (called also sector). 

MRI requires only one private key per user.  Still  there are no limitations to which domain 
a user may belong and the domains are not fixed in advance. This enables implementation of MRI 
when a strictly limited  secure memory is available (like for smart cards). MRI guarantees that 
a user has exactly one  identity within a domain, while the identities from different domains 
of the same user are not linkable. The main difference between RI and MRI is that in case of  MRI
privacy of both participants are protected, while in case of RI the terminal is fully exposed. 

The protocol is efficient,  extremely simple  (in particular, it outperforms RI) and well suited 
for implementation on  resource limited devices such as smart cards. 

(accepted for EuroPKI 2013)