BLIND: A complete identity protection framework for end-points

Jukka Ylitalo*, Pekka Nikander, Matt Blaze, Pasi Eronen

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

9 Citations (Scopus)


In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.

Original languageEnglish
Title of host publicationSecurity Protocols - 12th International Workshop, Revised Selected Papers
PublisherSpringer Verlag
Number of pages16
ISBN (Print)3540409254, 9783540409250
Publication statusPublished - 1 Jan 2006
MoE publication typeA4 Article in a conference publication
EventInternational Security Protocols Workshop - Cambridge, United Kingdom
Duration: 26 Apr 200428 Apr 2004

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3957 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


WorkshopInternational Security Protocols Workshop
CountryUnited Kingdom

Fingerprint Dive into the research topics of 'BLIND: A complete identity protection framework for end-points'. Together they form a unique fingerprint.

Cite this