Skip to main content
SpringerLink
Log in

Privacy-Preserving Post-quantum Credentials for Digital Payments

  • Conference paper
  • First Online:
Financial Cryptography and Data Security. FC 2022 International Workshops (FC 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13412))

Included in the following conference series:

  • 391 Accesses

Abstract

Digital payments and decentralized systems enable new financial products and services for users. A core challenge stems from the need to protect users from fraud and abuse while retaining privacy in individual transactions. Proposed herein is a pseudonymous credential scheme for use in payment systems. The scheme is privacy-preserving, efficient for practical applications, and hardened against quantum-compute attacks. A constant-round, interactive, zero-knowledge proof of knowledge (ZK-POK), relying on a one-way function and an asymmetric encryption primitive, both of which need to support at most one homomorphic addition, is presented. The scheme is instantiated with SWIFFT as a post-quantum one-way function and Ring Learning With Errors (RLWE) as a post-quantum asymmetric encryption primitive, with the protocol deriving its quantum-hardness from the properties of the underlying primitives. Performance of the ZK-POK instantiated with the chosen primitive was evaluated to reveal a memory footprint of 85 kB to achieve 200 bits of security. Comparison reveals that our scheme is more efficient than equivalent, state-of-the-art post-quantum schemes. A practical, interactive, credential mechanism was constructed from the proposed building blocks, in which users are issued pseudonymous credentials against their personally identifiable information (PII) that can be used to register with financial service providers without revealing personal information. The protocol is shown to be secure and free of information leakage, preserving the user’s privacy regardless of the number of registrations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The main difference is in the step 4, the prover also sends n uniformly random strings to the verifier (see Appendix A).

  2. 2.

    https://csrc.nist.gov/projects/post-quantum-cryptography.

  3. 3.

    Kyber and Saber are two finalists in NIST PQC competition.

  4. 4.

    The implementation was tested on 3.2GHz Intel Pentium 4, written in C and and compiled using gcc version 4.1.2 (compiler flags -O3) on a PC running under Linux kernel 2.6.18. The implementation can be found https://github.com/micciancio/SWIFFT.

References

  1. Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)

    Article  Google Scholar 

  2. Damgård, I.B.: Payment systems and credential mechanisms with provable security against abuse by individuals. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 328–335. Springer, New York (1990). https://doi.org/10.1007/0-387-34799-2_26

    Chapter  Google Scholar 

  3. Chen, L.: Access with pseudonyms. In: Dawson, E., Golić, J. (eds.) CPA 1995. LNCS, vol. 1029, pp. 232–243. Springer, Heidelberg (1996). https://doi.org/10.1007/BFb0032362

    Chapter  Google Scholar 

  4. Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H., Adams, C. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-46513-8_14

    Chapter  Google Scholar 

  5. Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge (2000)

    Book  Google Scholar 

  6. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_7

    Chapter  Google Scholar 

  7. Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_20

    Chapter  Google Scholar 

  8. Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_4

    Chapter  Google Scholar 

  9. Blömer, J., Bobolz, J.: Delegatable attribute-based anonymous credentials from dynamically malleable signatures. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 221–239. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93387-0_12

    Chapter  Google Scholar 

  10. Blömer, J., Bobolz, J., Diemert, D., Eidens, F.: Updatable anonymous credentials and applications to incentive systems. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1671–1685 (2019)

    Google Scholar 

  11. Pointcheval, D., Sanders, O.: Short randomizable signatures. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 111–126. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29485-8_7

    Chapter  Google Scholar 

  12. Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive, Report 2018/046 (2018). https://ia.cr/2018/046

  13. Ben-Sasson, E., Chiesa, A., Riabzev, M., Spooner, N., Virza, M., Ward, N.P.: Aurora: transparent succinct arguments for R1CS. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 103–128. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_4

    Chapter  Google Scholar 

  14. Chase, M., Kohlweiss, M., Lysyanskaya, A., Meiklejohn, S.: Malleable signatures: complex unary transformations and delegatable anonymous credentials. Cryptology ePrint Archive, Report 2013/179 (2013). https://eprint.iacr.org/2013/179

  15. Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1825–1842 (2017)

    Google Scholar 

  16. Giacomelli, I., Madsen, J., Orlandi, C.: ZKBoo: faster zero-knowledge for Boolean circuits. In: 25th \(\{\)Usenix\(\}\) Security Symposium (\(\{\)Usenix\(\}\) Security 16), pp. 1069–1083 (2016)

    Google Scholar 

  17. Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: lightweight sublinear arguments without a trusted setup. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2087–2104 (2017)

    Google Scholar 

  18. Lyubashevsky, V., Micciancio, D., Peikert, C., Rosen, A.: SWIFFT: a modest proposal for FFT hashing. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 54–72. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_4

    Chapter  Google Scholar 

  19. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM 60, 1–35 (2013)

    Article  MathSciNet  MATH  Google Scholar 

  20. Peikert, C.: Lattice cryptography for the internet. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 197–219. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11659-4_12

    Chapter  MATH  Google Scholar 

  21. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 1–40 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  22. Blum, A., Furst, M., Kearns, M., Lipton, R.J.: Cryptographic primitives based on hard learning problems. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278–291. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_24

    Chapter  Google Scholar 

  23. Lindner, R., Peikert, C.: Better key sizes (and attacks) for LWE-based encryption. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 319–339. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_21

    Chapter  Google Scholar 

  24. Bos, J., et al.: Frodo: take off the ring! practical, quantum-secure key exchange from LWE. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1006–1018 (2016)

    Google Scholar 

  25. Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_36

    Chapter  Google Scholar 

  26. Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: 2015 IEEE Symposium on Security and Privacy, pp. 553–570. IEEE (2015)

    Google Scholar 

  27. Reparaz, O., de Clercq, R., Roy, S.S., Vercauteren, F., Verbauwhede, I.: Additively homomorphic ring-LWE masking. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 233–244. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29360-8_15

    Chapter  Google Scholar 

  28. Bos, J., et al.: Crystals-Kyber: a CCA-secure module-lattice-based KEM. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353–367. IEEE (2018)

    Google Scholar 

  29. D’Anvers, J.-P., Karmakar, A., Sinha Roy, S., Vercauteren, F.: Saber: module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 282–305. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89339-6_16

    Chapter  Google Scholar 

  30. Newhope. https://newhopecrypto.org/index.shtml. Accessed 16 Dec 2021

  31. Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange: a new hope. In: Proceedings of the 25th USENIX Conference on Security Symposium, SEC 2016, pp. 327–343. USENIX Association, USA (2016)

    Google Scholar 

  32. Pass, R.: On deniability in the common reference string and random oracle model. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 316–337. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_19

    Chapter  Google Scholar 

  33. Kyber. https://pq-crystals.org/kyber/index.shtml

  34. Dilithium. https://pq-crystals.org/dilithium/index.shtml

  35. Falcon. https://falcon-sign.info/

  36. Nistpqcsubmission. https://csrc.nist.gov/Projects/post-quantum-cryptography/round-3-submissions

Download references

Author information

Authors and Affiliations

  1. FinTech Research, Bank of Canada, 234 Wellington Street, Ottawa, Canada

    Raza Ali Kazmi, Duc-Phong Le & Cyrus Minwalla

Authors
  1. Raza Ali Kazmi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Duc-Phong Le
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Cyrus Minwalla
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raza Ali Kazmi .

Editor information

Editors and Affiliations

  1. Georgetown University, Washington, DC, USA

    Shin'ichiro Matsuo

  2. Imperial College London, London, UK

    Lewis Gudgeon

  3. Cornell University, Ithaca, NY, USA

    Ariah Klages-Mundt

  4. Imperial College London, London, UK

    Daniel Perez Hernandez

  5. Imperial College London, London, UK

    Sam Werner

  6. The Australian National University, Canberra, ACT, Australia

    Thomas Haines

  7. Western University, London, ON, Canada

    Aleksander Essex

  8. University of Stirling, Stirling, UK

    Andrea Bracciali

  9. University of Trento, Trento, Trento, Italy

    Massimiliano Sala

A Modified Zero-Knowledge Interactive Proof

A Modified Zero-Knowledge Interactive Proof

figure g

Remark

Note strings \(m_1+ t_1, \ldots , m_k+t_k\) are distributed uniformly therefore do not provide any information to a verifier. Therefore, this proof system is equivalent to the proof system described in Algorithm 1.

Rights and permissions

Reprints and permissions

Copyright information

© 2023 International Financial Cryptography Association

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kazmi, R.A., Le, DP., Minwalla, C. (2023). Privacy-Preserving Post-quantum Credentials for Digital Payments. In: Matsuo, S., et al. Financial Cryptography and Data Security. FC 2022 International Workshops. FC 2022. Lecture Notes in Computer Science, vol 13412. Springer, Cham. https://doi.org/10.1007/978-3-031-32415-4_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-32415-4_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-32414-7

  • Online ISBN: 978-3-031-32415-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation