Paper 2023/707
Concurrent Security of Anonymous Credentials Light, Revisited
, ETH Zurich, CISPA Helmholtz Center for Information Security, CISPA Helmholtz Center for Information Security, Saarland UniversityAbstract
We revisit the concurrent security guarantees of the well-known Anonymous Credentials Light (ACL) scheme (Baldimtsi and Lysyanskaya, CCS'13). This scheme was originally proven secure when executed sequentially, and its concurrent security was left as an open problem. A later work of Benhamouda et al. (EUROCRYPT'21) gave an efficient attack on ACL when executed concurrently, seemingly resolving this question once and for all. In this work, we point out a subtle flaw in the attack of Benhamouda et al. on ACL and show, in spite of popular opinion, that it can be proven concurrently secure. Our modular proof in the algebraic group model uses an ID scheme as an intermediate step and leads to a major simplification of the complex security argument for Abe's Blind Signature scheme by Kastner et al. (PKC'22).
Note: In this revision, we address minor flaws in Lemma 3.5 and Claim D.1, and correct multiple typos throughout the paper.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Major revision. ACM CCS23
- DOI
- 10.1145/3576915.3623184
- Keywords
- Blind SignaturesAnonymous CredentialsAlgebraic Group ModelConcurrent Security
- Contact author(s)
-
julia kastner @ inf ethz ch
loss @ cispa de
omar renawi @ cispa de - History
- 2024-07-24: last of 3 revisions
- 2023-05-17: received
- See all versions
- Short URL
- https://ia.cr/2023/707
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/707,
author = {Julia Kastner and Julian Loss and Omar Renawi},
title = {Concurrent Security of Anonymous Credentials Light, Revisited},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/707},
year = {2023},
doi = {10.1145/3576915.3623184},
url = {https://eprint.iacr.org/2023/707}
}
