Cryptology ePrint Archive: Report 2014/285

Privacy-Enhancing Proxy Signatures from Non-Interactive Anonymous Credentials

David Derler and Christian Hanser and Daniel Slamanig

Abstract: Proxy signatures enable an originator to delegate the signing rights for a restricted set of messages to a proxy. The proxy is then able to produce valid signatures only for messages from this delegated set on behalf of the originator. Recently, two variants of privacy-enhancing proxy signatures, namely blank signatures and warrant-hiding proxy signatures, have been introduced. In this context, privacy-enhancing means that a verifier of a proxy signature does not learn anything about the delegated message set beyond the message being presented for verification.

We observe that this principle bears similarities with functionality provided by anonymous credentials. Inspired by this observation, we examine black-box constructions of the two aforementioned proxy signatures from non-interactive anonymous credentials, i.e., anonymous credentials with a non-interactive showing protocol, and show that the so obtained proxy signatures are secure if the anonymous credential system is secure. Moreover, we present two concrete instantiations using well-known representatives of anonymous credentials, namely Camenisch-Lysyanskaya (CL) and Brands' credentials.

While constructions of anonymous credentials from signature schemes with particular properties, such as CL signatures or structure-preserving signatures, as well as from special variants of signature schemes, such as group signatures, sanitizable and indexed aggregate signatures, are known, this is the first paper that provides constructions of special variants of signature schemes, i.e., privacy-enhancing proxy signatures, from anonymous credentials.

Category / Keywords: public-key cryptography / Proxy signatures, anonymous credentials, cryptographic protocols, privacy

Original Publication (with major differences): Proceedings of DBSec'14

Date: received 23 Apr 2014, last revised 29 Sep 2014

Contact author: david derler at iaik tugraz at

Available format(s): PDF | BibTeX Citation

Note: added reference to proceedings version

Version: 20140929:064143 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]