Paper 2015/237

Fast Revocation of Attribute-Based Credentials for Both Users and Verifiers

Wouter Lueks, Gergely Alpár, Jaap-Henk Hoepman, and Pim Vullers

Abstract

Attribute-based credentials allow a user to prove properties about herself anonymously. Revoking such credentials, which requires singling them out, is hard because it is at odds with anonymity. All revocation schemes proposed to date either sacrifice anonymity altogether, require the parties to be online, or put high load on the user or the verifier. As a result, these schemes are either too complicated for low-powered devices like smart cards or they do not scale. We propose a new revocation scheme that has a very low computational cost for users and verifiers, and does not require users to process updates. We trade only a limited, but well-defined, amount of anonymity to make the first practical revocation scheme that is efficient at large scales and fast enough for smart cards.

Note: Updated/added some references. Not using QR(n) anymore.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. IFIP SEC
Keywords
revocationprivacyanonymous credentialsattribute-based credentials
Contact author(s)
lueks @ cs ru nl
History
2015-11-04: last of 2 revisions
2015-03-13: received
See all versions
Short URL
https://ia.cr/2015/237
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/237,
      author = {Wouter Lueks and Gergely Alpár and Jaap-Henk Hoepman and Pim Vullers},
      title = {Fast Revocation of Attribute-Based Credentials for Both Users and Verifiers},
      howpublished = {Cryptology ePrint Archive, Paper 2015/237},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/237}},
      url = {https://eprint.iacr.org/2015/237}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.