Paper 2019/460

Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards

Jan Camenisch, Manu Drijvers, Petr Dzurenda, and Jan Hajny


Cryptographic anonymous credential schemes allow users to prove their personal attributes, such as age, nationality, or the validity of a ticket or a pre-paid pass, while preserving their privacy, as such proofs are unlinkable and attributes can be selectively disclosed. Recently, Chase et al. (CCS 2014) observe that in such systems, a typical setup is that the credential issuer also serves as the verifier. They introduce keyed-verification credentials that are tailored to this setting. In this paper, we present a novel keyed-verification credential system designed for lightweight devices (primarily smart cards) and prove its security. By using a novel algebraic MAC based on Boneh-Boyen signatures, we achieve the most efficient proving protocol compared to existing schemes. To demonstrate the practicality of our scheme in real applications, including large-scale services such as public transportation or e-government, we present an implementation on a standard, off-the-shelf, Multos smart card. While using significantly higher security parameters than most existing implementations, we achieve performance that is more than 44 % better than the current state-of-the-art implementation.

Note: The final publication is available at Springer LNCS.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision.IFIP ICT Systems Security and Privacy Protection - IFIP SEC 2019
Privacyanonymous credentialsauthenticationsmart cards
Contact author(s)
hajny @ feec vutbr cz
2019-05-31: revised
2019-05-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jan Camenisch and Manu Drijvers and Petr Dzurenda and Jan Hajny},
      title = {Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards},
      howpublished = {Cryptology ePrint Archive, Paper 2019/460},
      year = {2019},
      doi = {10.1007/978-3-030-22312-0},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.