Paper 2025/513

Server-Aided Anonymous Credentials

Rutchathon Chairattana-Apirom, University of Washington
Franklin Harding, Brown University
Anna Lysyanskaya, Brown University
Stefano Tessaro, University of Washington
Abstract

This paper formalizes the notion of server-aided anonymous credentials (SAACs), a new model for anonymous credentials (ACs) where, in the process of showing a credential, the holder is helped by additional auxiliary information generated in an earlier (anonymous) interaction with the issuer. This model enables lightweight instantiations of 'publicly verifiable and multi-use' ACs from pairing-free elliptic curves, which is important for compliance with existing national standards. A recent candidate for the EU Digital Identity Wallet, BBS#, roughly adheres to the SAAC model we have developed; however, it lacks formal security definitions and proofs. In this paper, we provide rigorous definitions of security for SAACs, and show how to realize SAACs from the weaker notion of keyed-verification ACs (KVACs) and special types of oblivious issuance protocols for zero-knowledge proofs. We instantiate this paradigm to obtain two constructions: one achieves statistical anonymity with unforgeability under the Gap -SDH assumption, and the other achieves computational anonymity and unforgeability under the DDH assumption.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Anonymous CredentialsBBS SignaturesPairing-free Groups
Contact author(s)
rchairat @ cs washington edu
franklin_harding @ brown edu
anna_lysyanskaya @ brown edu
tessaro @ cs washington edu
History
2025-03-21: approved
2025-03-19: received
See all versions
Short URL
https://ia.cr/2025/513
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/513,
      author = {Rutchathon Chairattana-Apirom and Franklin Harding and Anna Lysyanskaya and Stefano Tessaro},
      title = {Server-Aided Anonymous Credentials},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/513},
      year = {2025},
      url = {https://eprint.iacr.org/2025/513}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.