From 4afc37e5591a5422626060c2c8bb04d052aae430 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mika=C3=ABl=20Ates?= Date: Tue, 30 Aug 2011 19:00:33 +0200 Subject: [PATCH] NEWS file added for release 1.1.1 --- NEWS | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 NEWS diff --git a/NEWS b/NEWS new file mode 100644 index 0000000..aed013a --- /dev/null +++ b/NEWS @@ -0,0 +1,67 @@ +NEWS +==== + +1.1.1 - September 30th 2011 +--------------------------- + +This is the first official release of Cryptic. + + +Cryptic is a free software library released under the GNU GPL v2 and above +license. + +Cryptic allows the implementation of digital certificates with advanced +properties. The goal is to ensure privacy for cross-organization exchanges of +certified data. + +Cryptic is written in C language and depends on glib and openssl. Bindings for +the Python and Java languages are provided. + +Advanced certificates helps in reducing the certified information disclosed to +verifiers. The certificates have the following properties: + * Selective disclosure of content. + * Proofs on attributes contained in certificates. + * Unlinkability between certificate issuing and showing transactions. + +The Cryptic library can be used to create at a low-level certificates with the +properties previously enumerated. The certificate formatting, in XML or ASN1 +for instance, is not handled in Cryptic. + +The goal is a fine-grained information disclosure for off-line certificates. +Such certificates may be used multiple times without re-issuing. When a +certificate is issued on demand, it is trivial to make it includes only the +needed information. However, when the certificate is already issued, it is +useful to have means to select which signed information is revealed. For +instance, the selective disclosure allows to reveal a date of birth and not a +place of birth both contained in the same certificate. A range proof allows to +only reveal that the certificate prover is of age and not reveal the date of +birth contained in the certificate. + +A certificate is said 'proved' because a secret is included in the +certificate. To only show a certificate require to prove to verifier that the +secret is known without revealing it. (It is similar to prove the knowledge of +a private key making a signature. In a way, the public key is proved as a +certificate is proved.) + +Certificate holder is a term usually avoided because it may refer to bearer +tokens. Holder may be used if it is taken as a synomous to know the secret of +the certificate hold. + +Furthermore, the CL-Signature implementation allows the unlinkability of a +certificate issued with this certificate shown to verifiers. In other words, +the certificate signature can not be used as a factor of linkability between +to transactions involving a same certificate. (But many other factors may be +used (time correlation, attribute contents, etc.), unlinkability is a huge +paradigm.) + +The unlinkability may be expected when a user shows multiple times a same +certificate or between the issuing and showing transactions of this +certificate. The unlinkability of the user transactions is a strong property +of anonymity and ion some cases a privacy-preserving principle. + +For instance, Cryptic can be used to implement e-cash and e-voting +architectures. + +The library does not deal with storage and protocols, only computation. + +See the README file for more information.