Cryptology ePrint Archive: Report 2012/298

Anonymous Credentials Light

Foteini Baldimtsi and Anna Lysyanskaya

Abstract: We define and propose an efficient and provably secure construction of blind signatures with attributes. Prior notions of blind signatures did not yield themselves to the construction of anonymous credential systems, not even if we drop the unlinkability requirement of anonymous credentials. Our new notion in contrast is a convenient building block for anonymous credential systems. The construction we propose is efficient: it requires just a few exponentiations in a prime-order group in which the decisional Diffie-Hellman problem is hard. Thus, for the first time, we give a provably secure construction of anonymous credentials that can work in the elliptic group setting without bilinear pairings. In contrast, prior provably secure constructions were based on the RSA group or on groups with pairings, which made them prohibitively inefficient for mobile devices, RFIDs and smartcards. The only prior efficient construction that could work in such elliptic curve groups, due to Brands, does not have a proof of security.

Category / Keywords: Anonymous credentials, attributes, blind signatures, lightweight devices, private identity management.

Date: received 28 May 2012, last revised 21 May 2013

Contact author: foteini at cs brown edu

Available format(s): PDF | BibTeX Citation

Version: 20130522:030444 (All versions of this report)

Short URL: ia.cr/2012/298

Discussion forum: Show discussion | Start new discussion