bpK#: Delegatable Pseudonyms And Their Applications to National eID Systems

Electronic identities (eIDs) are crucial in an increasingly digitalized environment. Pseudonyms, as offered by Austria's governmental sector-specific personal identifiers (bPks), can significantly improve privacy by ensuring that personal data is not universally traceable across public services and private companies. However, the current architecture comes with several challenges regarding availability, privacy, and authenticity, due to a fully centralized design. This paper proposes bPk#, a distributed architecture to address these issues, reducing reliance on the central authority, while still providing all functional requirements to the existing bPk system. In particular, users are delegated the rights to compute their own pseudonyms, thereby minimizing metadata revealed to the central authority, while (subsets of) service providers may receive the right to compute pseudonyms only within their own domain, thereby reducing the availability needs of the central authority. To the best of our knowledge, we provide the first formal framework for such delegatable pseudonym systems, together with a generic construction for which we provide formal security proofs. Furthermore, we propose a concrete instantiation of our construction, together with a reference implementation demonstrating the practical efficiency.