Paper 2014/684

Towards a Full-Featured Implementation of Attribute Based Credentials on Smart Cards

Antonio de la Piedra, Jaap-Henk Hoepman, and Pim Vullers

Abstract

Attribute-based Credentials (ABCs) allow citizens to prove certain properties about themselves without necessarily revealing their full identity. Smart cards are an attractive container for such credentials, for security and privacy reasons. But their limited processing power and random access storage capacity pose a severe challenge. Recently, we, the IRMA team, managed to fully implement a limited subset of the Idemix ABC system on a smart card, with acceptable running times. In this paper we extend this functionality by overcoming the main hurdle: limited RAM. We implement an efficient extended Pseudo-Random Number Generator (PRNG) for recomputing pseudorandomness and reconstructing variables. Using this we implement Idemix standard and domain pseudonyms, AND proofs based on prime-encoded attributes, and equality proofs of representation modulo a composite, together with terminal verification and secure messaging. In contrast to prior work that only addressed the verification of one credential with only one attribute (particularly, the master secret), we can now perform multi-credential proofs on credentials of 5 attributes and complex proofs in reasonable time. We provide a detailed performance analysis and compare our results to other approaches.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. CANS 2014
Keywords
Attribute-based credentialssmart cardsprivacy
Contact author(s)
A delaPiedra @ cs ru nl
History
2014-09-03: revised
2014-09-01: received
See all versions
Short URL
https://ia.cr/2014/684
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/684,
      author = {Antonio de la Piedra and Jaap-Henk Hoepman and Pim Vullers},
      title = {Towards a Full-Featured Implementation of Attribute Based Credentials on Smart Cards},
      howpublished = {Cryptology ePrint Archive, Paper 2014/684},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/684}},
      url = {https://eprint.iacr.org/2014/684}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.