@article{oai:ipsj.ixsq.nii.ac.jp:00070728,
 author = {Toru, Nakamura and Shunsuke, Inenaga and Daisuke, Ikeda and Kensuke, Baba and Hiroto, Yasuura and Toru, Nakamura and Shunsuke, Inenaga and Daisuke, Ikeda and Kensuke, Baba and Hiroto, Yasuura},
 issue = {3},
 journal = {情報処理学会論文誌数理モデル化と応用（TOM）},
 month = {Oct},
 note = {The purpose of this paper is to realize an authentication system which satisfies four requirements for security, privacy protection, and usability, that is, impersonation resistance against insiders, personalization, weak-unlinkability, and memory efficiency. The proposed system is the first system which satisfies all the properties. In the proposed system, transactions of a user within a single service can be linked (personalization), while transactions of a user among distinct services can not be linked (weak-unlinkability). The proposed system can be used with smart cards since the amount of memory required by the system does not depend on the number of services. First, this paper formalizes the property of weak-unlinkability, which has not been formalized in the literatures. Next, this paper extends an identification scheme with a pseudorandom function in order to realize an authentication system which satisfies all the requirements. This extension can be done with any identificationscheme and any pseudorandom function. Finally, this paper proposes an implementation with the Schnorridentification scheme and a collision-free hash function as an example of the proposed system., The purpose of this paper is to realize an authentication system which satisfies four requirements for security, privacy protection, and usability, that is, impersonation resistance against insiders, personalization, weak-unlinkability, and memory efficiency. The proposed system is the first system which satisfies all the properties. In the proposed system, transactions of a user within a single service can be linked (personalization), while transactions of a user among distinct services can not be linked (weak-unlinkability). The proposed system can be used with smart cards since the amount of memory required by the system does not depend on the number of services. First, this paper formalizes the property of weak-unlinkability, which has not been formalized in the literatures. Next, this paper extends an identification scheme with a pseudorandom function in order to realize an authentication system which satisfies all the requirements. This extension can be done with any identificationscheme and any pseudorandom function. Finally, this paper proposes an implementation with the Schnorridentification scheme and a collision-free hash function as an example of the proposed system.},
 pages = {54--66},
 title = {An Identifiable Yet Unlinkable Authentication System in Multi-service Environment},
 volume = {3},
 year = {2010}
}