Paper 2006/454

How to Win the Clone Wars: \\ Efficient Periodic n-Times Anonymous Authentication

Jan Camenisch, Susan Hohenberger, Markulf Kohlweiss, Anna Lysyanskaya, and Mira Meyerovich


We create a credential system that lets a user anonymously authenticate at most $n$ times in a single time period. A user withdraws a dispenser of $n$ e-tokens. She shows an e-token to a verifier to authenticate herself; each e-token can be used only once, however, the dispenser automatically refreshes every time period. The only prior solution to this problem, due to Damgård et al.~[DDP05], uses protocols that are a factor of $k$ slower for the user and verifier, where $k$ is the security parameter. Damgård et al. also only support one authentication per time period, while we support $n$. Because our construction is based on e-cash, we can use existing techniques to identify a cheating user, trace all of her e-tokens, and revoke her dispensers. We also offer a new anonymity service: glitch protection for basically honest users who (occasionally) reuse e-tokens. The verifier can always recognize a reused e-token; however, we preserve the anonymity of users who do not reuse e-tokens too often.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Full version of an extended abstract published in Proceedings of ACM CCS 2006, ACM Press.
electronic commerce and paymente-cash
Contact author(s)
mira @ cs brown edu
2007-04-12: last of 3 revisions
2006-12-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jan Camenisch and Susan Hohenberger and Markulf Kohlweiss and Anna Lysyanskaya and Mira Meyerovich},
      title = {How to Win the Clone Wars: \\ Efficient Periodic n-Times Anonymous Authentication},
      howpublished = {Cryptology ePrint Archive, Paper 2006/454},
      year = {2006},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.