
    Privacy-Preserving Predicate Proof of Attributes with CL-Anonymous Credential

    Abstract: An anonymous credential system allows users to convince relying parties that they possess a credential issued by an issuer. To adhere to the principle of minimal information disclosure, the anonymous credential supports predicate proofs over attributes without revealing their values. In this paper, we extend the pairing-based CL-anonymous credential system and present a series of attribute proof protocols. They enable users to prove to relying parties AND and OR relations over multiple attributes, as well as equality to a given value and membership in a given interval for a single attribute.

    Attribute-based Anonymous Credential: Optimization for Single-Use and Multi-Use

    User attributes can be authenticated with an attribute-based anonymous credential while preserving the anonymity of the user. Most attribute-based anonymous credential schemes are designed specifically for either multi-use or single-use. In this paper, we propose a unified attribute-based anonymous credential system in which users always obtain the same format of credential from the issuer. The user can then choose to use it for an efficient multi-use or single-use show proof, a more user-centric approach than the existing schemes. Technically, we propose an interactive credential issuance protocol based on two-party computation with additive homomorphic encryption; it retains the security properties of impersonation resilience, anonymity, and unlinkability. Beyond the interactive protocol, we further design show proofs for efficient single-use credentials that maintain the user's anonymity.

    Delegatable Anonymous Credentials from Mercurial Signatures

    In a delegatable anonymous credential system, participants may use their credentials anonymously as well as anonymously delegate them to other participants. Such systems are more usable than traditional anonymous credential systems because a popular credential issuer can delegate some of its responsibilities without compromising users' privacy. They also provide stronger privacy guarantees than traditional anonymous credential systems because the identities of credential issuers are hidden. The identity of a credential issuer may convey information about a user's identity even when all other information about the user is concealed. The only previously known constructions of delegatable anonymous credentials were prohibitively inefficient. They were based on non-interactive zero-knowledge (NIZK) proofs. In this paper, we provide a simple construction of delegatable anonymous credentials and prove its security in the generic group model. Our construction is direct, not based on NIZK proofs, and is therefore considerably more efficient. In fact, in our construction, only five group elements are needed per link to represent an anonymous credential chain. Our main building block is a new type of signature scheme, a mercurial signature, which allows a signature $\sigma$ on a message $M$ under public key $\mathsf{pk}$ to be transformed into a signature $\sigma'$ on an equivalent but unlinkable message $M'$ under an equivalent but unlinkable public key $\mathsf{pk}'$.

    A security model for anonymous credential systems

    Using the RSA or RSA-B accumulator in anonymous credential schemes

    We review the two RSA-based accumulators introduced by Camenisch and Lysyanskaya in 2002 in the setting of revocation for anonymous credential schemes such as Idemix or BBS+. We show that in this setting, the lower and upper bounds placed on the accumulated values in the original paper are unnecessarily strict; they can be removed almost entirely (up to the group order of the credential scheme). This allows the accumulators to be used on elliptic curves of ordinary sizes, such as the ones on which BBS+ is commonly implemented. We also offer notes and optimizations for implementations of anonymous credential schemes that use these accumulators to enable revocation.

    Web-based visualization of anonymous credential scheme

    This thesis explores attribute-based credential schemes and the cryptographic primitives that are the building blocks of such schemes. Its main focus is the RKVAC scheme, which is implemented and visualized. The thesis also describes the entities and protocols of the RKVAC scheme and their roles within it. The implemented web application is designed to introduce the RKVAC scheme to the wider public.

    Access Controls for Oblivious and Anonymous Systems

    The use of privacy-enhancing cryptographic protocols, such as anonymous credentials and oblivious transfer, often has a detrimental effect on the ability of providers to effectively implement access controls on their content. In this paper, we propose a stateful anonymous credential system that allows the provider to implement non-trivial, real-world access controls on oblivious protocols conducted with anonymous users. Our stateful anonymous credential system models the behavior of users as a state machine, and embeds that state within an anonymous credential to restrict access to resources based on the state information. The use of state machine models of user behavior allows the provider to restrict the users' actions according to a wide variety of access control models without learning anything about the users' identities or actions. Our system is secure in the standard model under basic assumptions, and, after an initial setup phase, each transaction requires only constant time. As a concrete example, we show how to implement the Brewer-Nash (Chinese Wall) and Bell-La Padula (Multilevel Security) access control models within our credential system. Furthermore, we combine our credential system with a simulatable, adaptive oblivious transfer scheme to create a privacy-friendly oblivious database with strong access controls.

    The Landscape of Pointcheval-Sanders Signatures: Mapping to Polynomial-Based Signatures and Beyond

    Pointcheval-Sanders (PS) signatures are well studied in the literature and have found use in, e.g., threshold credential schemes and redactable anonymous credential schemes. The present work leverages a mapping between PS signatures and a related class of polynomial-based signatures to construct multiple new signature and credential schemes. Specifically, new protocols for multi-message signatures, sequential aggregate signatures, signatures on message commitments, redactable signatures, and unlinkable redactable signatures are presented. A redactable anonymous credential scheme is also constructed. All of the new protocols employ constant-sized secret keys rather than keys that are linear in the number of messages or attributes. Security properties of the new protocols are analysed, and a general discussion of the security properties of both PS signatures and the new schemes is provided.

    Cryptography on Arduino platform

    This bachelor thesis analyses the possibilities of using the Arduino platform for cryptographic systems and implements anonymous attribute-based credential schemes on this platform. It contains the results of a survey of available libraries for modular arithmetic and elliptic-curve operations, together with their performance tests. Based on those results, suitable libraries were selected and modern anonymous attribute-based credential schemes were implemented in practice.