Cryptology ePrint Archive: Report 2017/115

An efficient self-blindable attribute-based credential scheme

Sietse Ringers and Eric Verheul and Jaap-Henk Hoepman

Abstract: An attribute-based credential scheme allows a user, given a set of attributes, to prove ownership of these attributes to a verifier, voluntarily disclosing some of them while keeping the others secret. A number of such schemes exist, of which some additionally provide unlinkability: that is, when the same attributes were disclosed in two transactions, it is not possible to tell if one and the same or two different credentials were involved. Recently full-fledged implementations of such schemes on smart cards have emerged; however, these need to compromise the security level to achieve reasonable transaction speeds. In this paper we present a new unlinkable attribute-based credential scheme with a full security proof, using a known hardness assumption in the standard model. Defined on elliptic curves, the scheme involves bilinear pairings but only on the verifier's side, making it very efficient both in terms of speed and size on the user's side.

Category / Keywords: cryptographic protocols / anonymous credentials, attribute-based credentials, elliptic curve cryptosystem, bilinear pairings

Original Publication (with major differences): Financial Cryptography 2017

Date: received 13 Feb 2017, last revised 3 Jul 2017

Contact author: sringers at cs ru nl

Available format(s): PDF | BibTeX Citation

Version: 20170703:113936 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]