Keynote Speaker

Presenter: DR. Jan Camenisch

Dr. Jan Camenisch
Picture by Bruno Schlatter


Cryptographic Primitives for Building Secure and Privacy Respecting Protocols


Using the Internet and other electronic media for our daily tasks has become common. Thereby a lot of sensitive information is exchanged, processed, and stored at many different places. Once released, controlling the dispersal of this information is virtually impossible. Worse, the press reports daily on incidents where sensitive information has been lost, stolen, or misused - often involving large and reputable organizations. Privacy-enhancing technologies can help to minimize the amount of information that needs to be revealed in transactions, on the one hand, and to limit the dispersal, on the other hand. Many of these technologies build on common cryptographic primitives that allow for data to be authenticated and encrypted in such a way that it is possible to efficiently prove possession and/or properties of data revealing the data or side-information about it. Proving such statements is of course possible for any signature and encryption scheme. However, if the result is to be practical, special cryptographic primitives and proof protocols are needed.

In this talk we will first consider a few example scenarios and motivate the need for such cryptograph building block before we then present and discuss these. We start with efficient discrete logarithms based proof protocols often referred to as generalized Schnorr proofs. They allow one to prove knowledge of different discrete logarithms (exponents) and relations among them. Now, to be able to prove possession of a (valid) signature and a message with generalized Schnorr proofs, it is necessary that the signature and the message signed are exponents and that no hash-function is used in the signature verification. Similarly, for encryption schemes, the plain text needs to be an exponent. We will present and discuss a number of such signature and encryption schemes.

To show the power of these building blocks, we will consider a couple of example protocols such as anonymous access control and anonymous polling. We then conclude with a discussion on security definition and proofs. We hope that the presented building blocks will enable many new privacy-preserving protocols and and applications in the future.


Jan Camenisch received a Diploma in Electrical Engineering in 1993 and a Ph.D. in Computer Science in 1998 both from ETH Zurich. From 1998 until 1999 he has been Research Assistant Professor in Computer Science at the University of Aarhus, Denmark. Since 1999 he is Research Staff Member and project leader at IBM Research -- Zurich. He was also the technical leader of the EU-funded projects PRIME ( and PrimeLife ( which both contributed towards making on-line privacy a reality.

His research interests include public key cryptography; cryptographic protocols, in particular those supporting privacy and anonymity; practical secure distributed computation; and privacy-enhancing technologies.