Abstract
Recent works to improve privacy in permissioned blockchains like Hyperledger Fabric rely on Idemix, the only anonymous credential system that has been integrated to date. The current Idemix implementation in Hyperledger Fabric (v2.4) only supports a fixed set of attributes; it does not support revocation features, nor does it support anonymous endorsement of transactions (in Fabric, transactions need to be approved by a subset of peers before consensus). A prototype Idemix extension by Bogatov et al. (CANS, 2021) was proposed to include revocation, auditability, and to gain privacy for users. In this work, we explore how to gain efficiency, functionality, and further privacy, departing from recent works on anonymous credentials based on Structure-Preserving Signatures on Equivalence Classes. As a result, we extend previous works to build a new anonymous credential scheme called Protego. We also present a variant of it (Protego Duo) based on a different approach to hiding the identity of an issuer during showings. We also discuss how both can be integrated into Hyperledger Fabric and provide a prototype implementation. Finally, our results show that Protego and Protego Duo are at least twice as fast as state-of-the-art approaches based on Idemix.
A. Connolly—Work done while the author was at Worldline Global.
Notes
1. Asymptotic complexity is O(1) (considering exponentiations and pairings) but some multiplications depending on the shown attributes are required, hence the difference.
References
1. Implementation. https://github.com/octaviopk9/indocrypt_protego
2. Androulaki, E., Camenisch, J., Caro, A.D., Dubovitskaya, M., Elkhiyaoui, K., Tackmann, B.: Privacy-preserving auditable token payments in a permissioned blockchain system. In: Proceedings of the 2nd ACM Conference on Advances in Financial Technologies. AFT 2020, pp. 255–267. Association for Computing Machinery, New York (2020)
3. Androulaki, E., De Caro, A., Neugschwandtner, M., Sorniotti, A.: Endorsement in hyperledger fabric. In: 2019 IEEE International Conference on Blockchain (Blockchain), pp. 510–519 (2019)
4. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order, pp. 319–331 (2006). https://doi.org/10.1007/11693383_22
5. Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption, pp. 566–582 (2001). https://doi.org/10.1007/3-540-45682-1_33
6. Bobolz, J., Eidens, F., Krenn, S., Ramacher, S., Samelin, K.: Issuer-hiding attribute-based credentials. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 158–178. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92548-2_9
7. Bogatov, D., De Caro, A., Elkhiyaoui, K., Tackmann, B.: Anonymous transactions with revocation and auditing in hyperledger fabric. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 435–459. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92548-2_23
8. Burkhart, M.: Mercurial signatures implementation. Github (2020). https://github.com/burkh4rt/Mercurial-Signatures
9. Camenisch, J., Drijvers, M., Dubovitskaya, M.: Practical UC-secure delegatable credentials with attributes and their application to blockchain, pp. 683–699 (2017). https://doi.org/10.1145/3133956.3134025
10. Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps, pp. 56–72 (2004). https://doi.org/10.1007/978-3-540-28628-8_4
11. Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system, pp. 21–30 (2002). https://doi.org/10.1145/586110.586114
12. Connolly, A., Lafourcade, P., Perez Kempner, O.: Improved Constructions of Anonymous Credentials from Structure-Preserving Signatures on Equivalence Classes. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) PKC 2022. LNCS, vol. 13177, pp. 409–438. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-97121-2_15
13. Crites, E.C., Lysyanskaya, A.: Delegatable anonymous credentials from mercurial signatures, pp. 535–555 (2019). https://doi.org/10.1007/978-3-030-12612-4_27
14. Derler, D., Hanser, C., Slamanig, D.: A new approach to efficient revocable attribute-based anonymous credentials, pp. 57–74 (2015). https://doi.org/10.1007/978-3-319-27239-9_4
15. Fuchsbauer, G., Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and constant-size anonymous credentials. J. Cryptol. 32(2), 498–546 (2018). https://doi.org/10.1007/s00145-018-9281-4
16. Kang, H., Dai, T., Jean-Louis, N., Tao, S., Gu, X.: Fabzk: supporting privacy-preserving, auditable smart contracts in hyperledger fabric. In: 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 543–555 (2019)
17. Mazumdar, S., Ruj, S.: Design of anonymous endorsement system in hyperledger fabric. IEEE Trans. Emerg. Top. Comput. 1 (2019)
18. Narula, N., Vasquez, W., Virza, M.: Zkledger: privacy-preserving auditing for distributed ledgers. In: Proceedings of the 15th USENIX Conference on Networked Systems Design and Implementation. NSDI 2018, pp. 65–80. USENIX Association, USA (2018)
19. Schnorr, C.P.: Efficient identification and signatures for smart cards, pp. 239–252 (1990). https://doi.org/10.1007/0-387-34805-0_22
20. Shoup, V.: Lower bounds for discrete logarithms and related problems, pp. 256–266 (1997). https://doi.org/10.1007/3-540-69053-0_18
21. Zurich, I.R.: Specification of the identity mixer cryptographic library v2.3.0 (2013)
Acknowledgements
We thank the anonymous reviewers for their valuable feedback. The European Commission partially supported Octavio Perez Kempner’s work as part of the CUREX project (H2020-SC1-FA-DTS-2018-1 under grant agreement No 826404).
A Our NIZK Argument for Issuer-hiding
We refer the reader to [12] (Sect. 3.1) for the basic syntax and security properties of malleable NIZK proof systems. In Fig. 6 we build a fully adaptive malleable NIZK argument following the construction from [12]. The main idea is that given two proofs \(\pi _1\) and \(\pi _2\) for statements \(\textbf{x}_1 = w_1 \textbf{v}_i\) and \(\textbf{x}_2 = w_2 \textbf{v}_i\), one can compute a valid proof \(\pi \) for the statement \(\textbf{x}= (\alpha w_1 + \beta w_2) \textbf{v}_i\) with fresh \(\alpha \) and \(\beta \). The derivation privacy property of the proof system ensures that \(\pi \) looks like a freshly computed proof. Security follows from Theorems 2 and 8 of [12].
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Connolly, A., Deschamps, J., Lafourcade, P., Perez Kempner, O. (2022). Protego: Efficient, Revocable and Auditable Anonymous Credentials with Applications to Hyperledger Fabric. In: Isobe, T., Sarkar, S. (eds) Progress in Cryptology – INDOCRYPT 2022. INDOCRYPT 2022. Lecture Notes in Computer Science, vol 13774. Springer, Cham. https://doi.org/10.1007/978-3-031-22912-1_11
DOI: https://doi.org/10.1007/978-3-031-22912-1_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-22911-4
Online ISBN: 978-3-031-22912-1
eBook Packages: Computer Science, Computer Science (R0)