User-generated pseudonyms through Merkle trees
This addresses privacy and security issues for users in digital systems by providing a novel pseudonymisation method, though it appears incremental as it builds on existing cryptographic concepts.
The paper tackles the problem of user-generated pseudonyms without third parties by proposing a technique based on Merkle trees, which hides original identifiers, ensures unlinkability, and allows proof of ownership while achieving post-quantum security.
A pseudonymisation technique based on Merkle trees is described in this paper. More precisely, by exploiting inherent properties of the Merkle trees as cryptographic accumulators, we illustrate how user-generated pseudonyms can be constructed, without the need of a third party. Each such pseudonym, which depends on several user's identifiers, suffices to hide these original identifiers, whilst the unlinkability property between any two different pseudonyms for the same user is retained; at the same time, this pseudonymisation scheme allows the pseudonym owner to easily prove that she owns a pseudonym within a specific context, without revealing information on her original identifiers. Compared to other user-generated pseudonymisation techniques which utilize public key encryption algorithms, the new approach inherits the security properties of a Merkle tree, thus achieving post-quantum security.