Multi-Issuer Anonymous Credentials Without a Root Authority

Abstract

The rise of blockchain technology has boosted interest in privacy-enhancing technologies, in particular, anonymous transaction authentication. Permissionless blockchains realize transaction anonymity through one-time pseudonyms, whereas permissioned blockchains leverage anonymous credentials. Earlier solutions of anonymous credentials assume a single issuer; as a result, they hide the identity of users but still reveal the identity of the issuer. A countermeasure is delegatable credentials, which support multiple issuers as long as a root authority exists. Assuming a root authority however, is unsuitable for blockchain technology and decentralized applications. This paper introduces a solution for anonymous credentials that guarantees user anonymity, even without a root authority. The proposed solution is secure in the universal composability framework and allows users to produce anonymous signatures that are logarithmic in the number of issuers and constant in the number of user attributes