Cryptology ePrint Archive: Report 2016/031

Beyond the selective disclosure of ABCs on RAM-constrained devices

Antonio de la Piedra

Abstract: The utilization of private Attribute-based credentials (ABC) in everyday life could enable citizens to only partially reveal their identity in economic transactions and communication with public institutions. This means citizens could control in a practical way the information related to their own life and identity in many contexts. At the time of writing, the Identity Mixer (Idemix) by IBM is the only credential system that offers enough flexibility to proof a considerable variety of properties of the attributes of a credential. Despite many practitioners have proposed different strategies for implementing ABCs on smart cards in the last few years, the complexity of the assumptions these primitives usually rely on, undermines fast and practical implementations of ABCs. The lack of smart cards with powerful hardware arithmetic accelerators is not the only problem for speeding up the computation of these primitives since one need to perform fast arithmetic operations with operands stored in RAM. Moreover, the implementation of complex Zero-Knowledge Proofs (ZKP) needs a considerable amount of pseudorandomness. In order to overcome these limitations, we proposed to use a Pseudo-Random Number Generator (PRNG) for recomputing pseudorandomness and we use it tandem with variable reconstruction in order to implement complex proofs. The utilization of this simple technique enable us to compute pseudonyms, domain pseudonyms, multi-credential proofs and to rely on the AND, NOT and OR operators to prove inner properties of the attributes of the credential whereas prior art only addressed the selective disclosure of one attribute on a given credential. Moreover, we show how to increase the number of attributes stored on the card via this construction. Finally, we show how to chain proofs based on AND, NOT and OR operators in order to extend the amount of properties of a credential that can be showed via external and internal commitment reordering.

Category / Keywords: implementation / Smart cards, ABCs

Date: received 12 Jan 2016, last revised 12 Jan 2016

Contact author: a delapiedra at cs ru nl

Available format(s): PDF | BibTeX Citation

Version: 20160112:163208 (All versions of this report)

Short URL: ia.cr/2016/031

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]