Paper 2022/878

zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure

Michael Rosenberg, University of Maryland
Jacob White, Purdue University
Christina Garman, Purdue University
Ian Miers, University of Maryland

Frequently, users on the web need to show that they are, for example, not a robot, old enough to access an age restricted video, or eligible to download an ebook from their local public library without being tracked. Anonymous credentials were developed to address these concerns. However, existing schemes do not handle the realities of deployment or the complexities of real-world identity. Instead, they implicitly make assumptions such as there being an issuing authority for anonymous credentials that, for real applications, requires the local department of motor vehicles to issue sophisticated cryptographic tokens to show users are over 18. In reality, there are multiple trust sources for a given identity attribute, their credentials have distinctively different formats, and many, if not all, issuers are unwilling to adopt new protocols. We present and build zk-creds, a protocol that uses general-purpose zero-knowledge proofs to 1) remove the need for credential issuers to hold signing keys: credentials can be issued to a bulletin board instantiated as a transparency log, Byzantine system, or even a blockchain; 2) convert existing identity documents into anonymous credentials without modifying documents or coordinating with their issuing authority; 3) allow for flexible, composable, and complex identity statements over multiple credentials. Concretely, identity assertions using zk-creds take less than 150ms in a real-world scenario of using a passport to anonymously access age-restricted videos.

Available format(s)
Publication info
Published elsewhere. Major revision. 2023 IEEE Symposium on Security and Privacy (SP)
Anonymous credentialsZero-knowledge proofsBlockchainIdentity protocols
Contact author(s)
micro @ umd edu
white570 @ purdue edu
clg @ cs purdue edu
imiers @ umd edu
2023-07-19: revised
2022-07-05: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Michael Rosenberg and Jacob White and Christina Garman and Ian Miers},
      title = {zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure},
      howpublished = {Cryptology ePrint Archive, Paper 2022/878},
      year = {2022},
      doi = {10.1109/SP46215.2023.00108},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.