Keynote Dr. Anja Lehmann

Cryptography for Identity Management: Challenges & Perspectives

In this talk, I will discuss recent developments for enhancing the security and privacy of cryptographic schemes related to identity management. The talk will revolve around two main examples: password-based authentication and pseudonymization as a technique to de-sensitize data. For both I will discuss the inherent security limitations of the currently deployed solutions, and describe new approaches that provide significantly stronger security guarantees. In the case of passwords, the main weakness is their vulnerability to offline attacks that determine a user's password by brute-forcing all possibilities. I will show how the risk of such attacks can be mitigated without forcing users to choose complex and hard to memorize passwords.



Dr. Anja Lehmann arbeitet als wissenschaftliche Mitarbeiterin in der Security & Privacy Group bei IBM Research - Zürich.