Privacy–enhancing schemes, protocols and systems; Cryptography; Privacy; Anonymity. In this paper, we offer a comprehensible survey and classiﬁcation on cryptographic schemes which serve as the building blocks for most privacy–enhancing protocols and systems being deployed nowadays. For each cryptography material heredescribed we offer a brief description of its foundations, the privacy–related features it possesses and an illustration of its application to some real life scenarios. The classiﬁcation proposed is, to the best of our knowledge, pioneer in collecting all cryptography material with regard to privacy.
For over decades, cryptographic solutions have aimed at providing conﬁdentiality,integrity and availability of data. Nowadays, privacy related issues have extended the goals of cryptography researchers. End– users and e–service providers are demanding new security schemes, with novel privacy enhancing features such as anonymity of participants, unlinkability and unobservability of online transactions, as well as selective and minimal disclosure of information (a detaileddescription on each of those terms can be found in (Pﬁtzmann and Hansen, 2009)). The global understanding is that the breech of any of these properties could result in traceability of electronic actions, linkability across many domains, discrimination, no control over secondary use of private information, identity theft, fraud, etc. The framework of this study assumes a scenario in which physical entitiesare in possession of a unique digital identity of some form (loginname&password, smart–card, electronic identity card, digital ﬁngerprint, digital certiﬁcate, etc.) and make use of such digital identiﬁers to perform electronic transactions. Formally, different types of cryptographic material can be viewed according to the following threelevel general model (IEEE-P1363, 2009): • Primitives - Basicmathematical operations that are based on number-theoretic hard problems.
Primitives are not meant to achieve security or privacy just by themselves, but they serve as building blocks for schemes. • Schemes - A collection of related operations combining primitives and additional methods. Schemes can provide complexity-theoretic security which is enhanced when they are appropriately applied inprotocols. • Protocols - Sequences of operations to be performed by multiple parties to achieve speciﬁc goals. Additionally, in this work we consider Systems as a set of protocols which are implemented and integrated to achieve a common set of goals.
1.1 Overview of our Work
In this paper we offer a comprehensible survey and classiﬁcation of those cryptographic schemes, protocols and systemswhich conform, assist or enhance privacy aspects of electronic operations. Most privacy–enhancing software and system architectures being deployed nowadays are based on the mechanisms described in this work. We group together all cryptography material with privacy–related features or applications (no other security property is discussed) in chronological order, offering a brief description of itsfoundations, basic extensions, and an
example of their application in some protocols deployed in real life scenarios. The privacy related issues being addressed are mainly concerned with anonymity of the sender/recipient of some digital data, anonymity of the signer of some digital data, unlinkability of online transactions, unobservability of entities’ online activities and the selective andminimal disclosure of information. Although there exist a very few surveys on each of the schemes here described ((Baek et al., 2004; Gorantla et al., 2005; Camenisch et al., 2005; Wang et al., 2008; Pape, 2009)), to the best of our knowledge, no similar global work had been undertaken so far. The rest of the paper is organized as follows. In Section 2 all the cryptographic privacy–enhancing...