@InProceedings{LRSW99,
  author = 	 { Anna Lysyanskaya and Ronald L. Rivest and Amit Sahai and Stefan Wolf },
  title = 	 { Pseudonym Systems },
  pages = 	 { 184--199 },
  doi =          { 10.1007/3-540-46513-8_14 },                  
  booktitle =    { Proceedings of the Sixth Annual International Workshop on Selected Areas in Cryptography 1999 },
  isbn =         { 3-540-67185-4 },                  
  editor = 	 { Howard M. Heys and Carlisle M. Adams },
  publisher =    { Springer },
  date =         { 1999 },                  
  OPTyear = 	 { 1999 },
  OPTmonth = 	 { August 9--10, },
  eventtitle =   { SAC'99 },                  
  eventdate =    { 1999-08-09/1999-08-10 },                  
  venue =        { Kingston, Ontario, Canada },                  
  series = 	 { Lecture Notes in Computer Science },
  volume = 	 { 1758 },
  keywords =     { anonymity, pseudonyms, nyms, credentials, unlinkability, credential transfer },
  abstract =     {
         Pseudonym systems allow users to interact with multiple organizations
         anonymously, using pseudonyms. The pseudonyms cannot be
         linked, but are formed in such a way that a user can prove to one organization
         a statement about his relationship with another. Such a statement
         is called a credential. Previous work in this area did not protect the system
         against dishonest users who collectively use their pseudonyms and
         credentials, i.e., share an identity. Previous practical schemes also relied
         very heavily on the involvement of a trusted center. In the present paper
         we give a formal definition of pseudonym systems where users are
         motivated not to share their identity, and in which the trusted center's
         involvement is minimal. We give theoretical constructions for such systems
         based on any one-way function. We also suggest an efficient and
         easy-to-implement practical scheme.                  
                 }                  
}