Paper 2022/213

Issuer-Hiding Attribute-Based Credentials

Jan Bobolz, Fabian Eidens, Stephan Krenn, Sebastian Ramacher, and Kai Samelin

Abstract

Attribute-based credential systems enable users to authenticate in a privacy-preserving manner. However, in such schemes verifying a user's credential requires knowledge of the issuer's public key, which by itself might already reveal private information about the user. In this paper, we tackle this problem by introducing the notion of issuer-hiding attribute-based credential systems. In such a system, the verifier can define a set of acceptable issuers in an ad-hoc manner, and the user can then prove that her credential was issued by one of the accepted issuers -- without revealing which one. We then provide a generic construction, as well as a concrete instantiation based on Groth's structure preserving signature scheme (ASIACRYPT'15) and simulation-sound extractable NIZK, for which we also provide concrete benchmarks in order to prove its practicability. The online complexity of all constructions is independent of the number of acceptable verifiers, which makes it also suitable for highly federated scenarios.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. CANS 2021
DOI
10.1007/978-3-030-92548-2_9
Keywords
cryptographic protocolsissuer-hidingprivacy-preservinganonymous credentialsauthentication
Contact author(s)
jan bobolz @ uni-paderborn de
fabian eidens @ uni-paderborn de
stephan krenn @ ait ac at
History
2022-02-25: received
Short URL
https://ia.cr/2022/213
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/213,
      author = {Jan Bobolz and Fabian Eidens and Stephan Krenn and Sebastian Ramacher and Kai Samelin},
      title = {Issuer-Hiding Attribute-Based Credentials},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/213},
      year = {2022},
      doi = {10.1007/978-3-030-92548-2_9},
      url = {https://eprint.iacr.org/2022/213}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.