eprint.iacr.org will be offline for approximately an hour for routine maintenance again at 10pm UTC on Wednesday, April 17.

Paper 2017/1106

Formal Analysis of a TTP-Free Blacklistable Anonymous Credentials System (Full Version)

Weijin Wang, Yu Qin, Jingbin Liu, and Dengguo Feng


This paper firstly introduces a novel security definition for BLAC-like schemes (BLAC represents TTP-free BLacklist-able Anonymous Credentials) in the symbolic model using applied pi calculus, which is suitable for automated reasoning via a certain formal analysis tool. We model the definitions of some common security properties: authenticity, non-framebility, mis-authentication resistance and privacy (anonymity and unlinkability). Then the case study of these security definitions is demonstrated by modelling and analyzing BLACR (BLAC with Reputation) system. We verify these security properties by Blanchet’s ProVerif and a ZKP (Zero-Knowledge Proof) compiler developed by Backes et al.. In particular, we model and analyze the express-lane authentication in BLACR system. The analysis discovers a known attack that can be carried out by any potential user. This attack allows a user escaping from being revoked as he wishes. We provide a revised variant that can be proved successfully by ProVerif as well, which also indicates that the fix provided by ExBLACR (Extending BLACR) is incorrect.

Note: I miss adding “and” between the authors’ names

Available format(s)
Publication info
Published elsewhere. Minor revision. ICICS 2017 (will appear)
Formal analysisAnonymous CredentialProVerifBLACR
Contact author(s)
wangweijin @ tca iscas ac cn
2017-11-20: received
Short URL
Creative Commons Attribution


      author = {Weijin Wang and Yu Qin and Jingbin Liu and Dengguo Feng},
      title = {Formal Analysis of a TTP-Free Blacklistable Anonymous Credentials System (Full Version)},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1106},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/1106}},
      url = {https://eprint.iacr.org/2017/1106}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.