Paper 2014/468

Privacy-Preserving Auditing for Attribute-Based Credentials

Jan Camenisch, Anja Lehmann, Gregory Neven, and Alfredo Rial

Abstract

Privacy-enhancing attribute-based credentials (PABCs) allow users to authenticate to verifiers in a data-minimizing way, in the sense that users are unlinkable between authentications and only disclose those attributes from their credentials that are relevant to the verifier. We propose a practical scheme to apply the same data minimization principle when the verifiers’ authentication logs are subjected to external audits. Namely, we propose an extended PABC scheme where the verifier can further remove attributes from presentation tokens before handing them to an auditor, while preserving the verifiability of the audited tokens. We present a generic construction based on a signature, a signature of knowledge and a trapdoor commitment scheme, prove it secure in the universal composability framework, and give efficient instantiations based on the strong RSA and Decision Composite Residuosity (DCR) assumptions in the random-oracle model.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. ESORICS 2014
Keywords
privacy-enhancing credentialsdata minimizationauditing
Contact author(s)
anj @ zurich ibm com
History
2014-06-21: received
Short URL
https://ia.cr/2014/468
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/468,
      author = {Jan Camenisch and Anja Lehmann and Gregory Neven and Alfredo Rial},
      title = {Privacy-Preserving Auditing for Attribute-Based Credentials},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/468},
      year = {2014},
      url = {https://eprint.iacr.org/2014/468}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.