Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

[Translate to English:] AG Codes und Kryptographie Show image information

[Translate to English:] AG Codes und Kryptographie

Jan Bobolz

 Jan Bobolz

Sonderforschungsbereich 901


Faculty for Electrical Engineering, Computer Science, and Mathematics > Department of Computer Science > Codes and Cryptography

Research Associate

+49 5251 60-6654
Pohlweg 51
33098 Paderborn

Open list in Research Information System


Designing Business Reputation Ecosystems — A Method for Issuing and Trading Monetary Ratings on a Blockchain

S. Hemmrich, J. Bobolz, D. Beverungen, J. Blömer, in: ECIS 2023 Research Papers, 2023

Market transactions are subject to information asymmetry about the delivered value proposition, causing transaction costs and adverse market effects among buyers and sellers. Information systems research has investigated how review systems can reduce information asymmetry in business-to-consumer markets. However, these systems cannot be readily applied to business-to-business markets, are vulnerable to manipulation, and suffer from conceptual weak spots since they use textual data or star ratings. Building on design science research, we conceptualize a new class of reputation systems based on monetary-based payments as quantitative ratings for each transaction stored on a blockchain. Using cryptography, we show that our system assures content confidentiality so that buyers can share and sell their ratings selectively, establishing a reputation ecosystem. Our prescriptive insights advance the design of reputation systems and offer new paths to understanding the antecedents, dynamics, and consequences to reduce information asymmetry in B2B transactions.



Issuer-Hiding Attribute-Based Credentials

J. Bobolz, F. Eidens, S. Krenn, S. Ramacher, K. Samelin, in: Cryptology and Network Security, Springer International Publishing, 2021



Privacy-Preserving Incentive Systems with Highly Efficient Point-Collection

J. Bobolz, F. Eidens, S. Krenn, D. Slamanig, C. Striecks, in: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS ’20),, ACM, 2020


Updatable Anonymous Credentials and Applications to Incentive Systems

J. Blömer, J. Bobolz, D.P. Diemert, F. Eidens, in: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19, 2019

In this paper, we introduce updatable anonymous credential systems (UACS) and use them to construct a new privacy-preserving incentive system. In a UACS, a user holding a credential certifying some attributes can interact with the corresponding issuer to update his attributes. During this, the issuer knows which update function is run, but does not learn the user's previous attributes. Hence the update process preserves anonymity of the user. One example for a class of update functions are additive updates of integer attributes, where the issuer increments an unknown integer attribute value v by some known value k. This kind of update is motivated by an application of UACS to incentive systems. Users in an incentive system can anonymously accumulate points, e.g. in a shop at checkout, and spend them later, e.g. for a discount.


Fully-Featured Anonymous Credentials with Reputation System

K. Bemmann, J. Blömer, J. Bobolz, H. Bröcher, D.P. Diemert, F. Eidens, L. Eilers, J.F. Haltermann, J. Juhnke, B. Otour, L.A. Porzenheim, S. Pukrop, E. Schilling, M. Schlichtig, M. Stienemeier, in: Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES '18, ACM, 2018

We present CLARC (Cryptographic Library for Anonymous Reputation and Credentials), an anonymous credentials system (ACS) combined with an anonymous reputation system. Using CLARC, users can receive attribute-based credentials from issuers. They can efficiently prove that their credentials satisfy complex (access) policies in a privacy-preserving way. This implements anonymous access control with complex policies. Furthermore, CLARC is the first ACS that is combined with an anonymous reputation system where users can anonymously rate services. A user who gets access to a service via a credential, also anonymously receives a review token to rate the service. If a user creates more than a single rating, this can be detected by anyone, preventing users from spamming ratings to sway public opinion. To evaluate feasibility of our construction, we present an open-source prototype implementation.

Provably Anonymous Communication Based on Trusted Execution Environments

J. Blömer, J. Bobolz, C. Scheideler, A. Setzer, 2018

In this paper, we investigate the use of trusted execution environments (TEEs, such as Intel's SGX) for an anonymous communication infrastructure over untrusted networks. For this, we present the general idea of exploiting trusted execution environments for the purpose of anonymous communication, including a continuous-time security framework that models strong anonymity guarantees in the presence of an adversary that observes all network traffic and can adaptively corrupt a constant fraction of participating nodes. In our framework, a participating node can generate a number of unlinkable pseudonyms. Messages are sent from and to pseudonyms, allowing both senders and receivers of messages to remain anonymous. We introduce a concrete construction, which shows viability of our TEE-based approach to anonymous communication. The construction draws from techniques from cryptography and overlay networks. Our techniques are very general and can be used as a basis for future constructions with similar goals.

Delegatable Attribute-based Anonymous Credentials from Dynamically Malleable Signatures

J. Blömer, J. Bobolz, in: ACNS 2018 Applied Cryptography & Network security, 2018

In this paper, we introduce the notion of delegatable attribute-based anonymous credentials (DAAC). Such systems offer fine-grained anonymous access control and they give the credential holder the ability to issue more restricted credentials to other users. In our model, credentials are parameterized with attributes that (1) express what the credential holder himself has been certified and (2) define which attributes he may issue to others. Furthermore, we present a practical construction of DAAC. For this construction, we deviate from the usual approach of embedding a certificate chain in the credential. Instead, we introduce a novel approach for which we identify a new primitive we call dynamically malleable signatures (DMS) as the main ingredient. This primitive may be of independent interest. We also give a first instantiation of DMS with efficient protocols.


Seminar Theses of the Project Group Cybertron

W. Schäfer, S. Dziwok, U. Pohlmann, J. Bobolz, M. Czech, A.P. Dann, J. Geismann, M. Hüwe, A. Krieger, G. Piskachev, D. Schubert, R. Wohlrab, 2015


Open list in Research Information System


Current research interests



The University for the Information Society