$\texttt{zk-creds}$: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure

Abstract

Frequently, users on the web need to show that they are, for example, not a robot, old enough to access an age restricted video, or eligible to download an ebook from their local public library without being tracked. Anonymous credentials were developed to address these concerns. However, existing schemes do not handle the realities of deployment or the complexities of real world identity. Instead, they make (often incorrect) assumptions, e.g., that the local department of motor vehicles will issue sophisticated cryptographic tokens to show users are over 18. In reality, there are multiple trust sources for a given identity attribute, their credentials have distinctively different formats, and many, if not all, issuers are unwilling to adopt new protocols. We present and build $\texttt{zk-creds}$, a protocol that uses general-purpose zero-knowledge proofs to 1) remove the need for credential issuers to hold signing keys: credentials can be issued via a transparency log, Byzantine system, or even a blockchain; 2) convert existing identity documents into anonymous credentials without modifying documents or coordinating with their issuing authority; 3) allow for flexible, composable, and complex identity statements over multiple credentials. Concretely, identity assertions using $\texttt{zk-creds}$ take less than 300ms in a real-world scenario of using a passport to anonymously access age-restricted videos.

Note: All code will be open sourced by August 1.

Available format(s)
Category
Applications
Publication info
Preprint.
Keywords
Anonymous credentials Zero-knowledge proofs Blockchain Identity protocols
Contact author(s)
micro @ umd edu
white570 @ purdue edu
clg @ cs purdue edu
imiers @ umd edu
History
2022-07-07: approved
See all versions
Short URL
https://ia.cr/2022/878

CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2022/878,
author = {Michael Rosenberg and Jacob White and Christina Garman and Ian Miers},
title = {$\texttt{zk-creds}$: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure},
howpublished = {Cryptology ePrint Archive, Paper 2022/878},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/878}},
url = {https://eprint.iacr.org/2022/878}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.