DOI: 10.1145/1455770.1455814
research-article

Efficient attributes for anonymous credentials

Published: 27 October 2008

Abstract

We extend the Camenisch-Lysyanskaya anonymous credential system such that selective disclosure of attributes becomes highly efficient. The resulting system significantly improves upon existing approaches, which suffer from a linear complexity in the total number of attributes. This limitation makes them unfit for many practical applications, such as electronic identity cards. Our system can incorporate an arbitrary number of binary and finite-set attributes without significant performance impact. Our approach folds all such attributes into a single attribute base and, thus, boosts the efficiency of all proofs of possession. The core idea is to encode discrete binary and finite-set attribute values as prime numbers. We use the divisibility property for efficient proofs of their presence or absence. We additionally contribute efficient methods for conjunctions and disjunctions. The system builds on the Strong-RSA assumption alone. We demonstrate the applicability and performance improvements of our method in realistic application scenarios, such as electronic identity cards and complex/structured credentials. Our method has crucial advantages in devices with restricted computational capabilities, such as smartcards and cell phones.
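
The integer relations behind the prime encoding described in the abstract, as an added example that is not code from the paper or its authors. It shows only the arithmetic (presence by divisibility, absence by a Bézout relation, AND by one combined divisibility check, OR by a shared factor) and leaves out the Camenisch-Lysyanskaya signature and the zero-knowledge proofs that would hide E from the verifier. The attribute names, the prime assignments and the gcd-based OR check are assumptions made for illustration.

```python
# Added illustration: plain integer arithmetic only, no CL signature and no
# zero-knowledge proof. Attribute names and prime assignments are constructed.
from math import gcd, prod

ATTRIBUTE_PRIMES = {
    "gender:female": 3,
    "gender:male": 5,
    "age:minor": 7,
    "age:adult": 11,
    "status:student": 13,
    "status:retired": 17,
}

def _product(attributes):
    # Distinct primes only, so the product stays square-free.
    return prod(ATTRIBUTE_PRIMES[a] for a in set(attributes))

def encode(attributes):
    """Fold a set of attribute values into one integer E (product of primes)."""
    return _product(attributes)

def has(E, attribute):
    """Presence: the attribute's prime divides E."""
    return E % ATTRIBUTE_PRIMES[attribute] == 0

def absence_witness(E, attribute):
    """Absence: (a, b) with a*E + b*e == 1, which exists iff gcd(E, e) == 1."""
    e = ATTRIBUTE_PRIMES[attribute]
    old_r, r, old_a, a, old_b, b = E, e, 1, 0, 0, 1
    while r:  # extended Euclidean algorithm
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_a, a = a, old_a - q * a
        old_b, b = b, old_b - q * b
    return (old_a, old_b) if old_r == 1 else None

def has_all(E, attributes):
    """Conjunction: one divisibility check against the product of the primes."""
    return E % _product(attributes) == 0

def has_any(E, attributes):
    """Disjunction: E shares a factor with the product of the candidate primes."""
    return gcd(E, _product(attributes)) > 1
```

The cost of `has_all` and `has_any` is one check on a single integer regardless of how many attributes the credential holds, which is the efficiency point the abstract makes against per-attribute bases.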


    Published In

    CCS '08: Proceedings of the 15th ACM conference on Computer and communications security
    October 2008
    590 pages
    ISBN:9781595938107
    DOI:10.1145/1455770
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. anonymous credential systems
    2. cryptographic protocols
    3. efficient attribute encoding
    4. privacy

    Qualifiers

    • Research-article

    Conference

    CCS08

    Acceptance Rates

    CCS '08 Paper Acceptance Rate 51 of 280 submissions, 18%;
    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


    Cited By

    • (2024) Generic Construction of Threshold Credential Management With User-Autonomy Aggregation. IEEE Transactions on Information Forensics and Security, 19, pp. 2549-2564. DOI: 10.1109/TIFS.2023.3347897. Online publication date: 2024
    • (2024) Decentralized Attribute-Based Credentials with Short Attribute Proofs from DualRing. 2024 Twelfth International Symposium on Computing and Networking (CANDAR), pp. 203-209. DOI: 10.1109/CANDAR64496.2024.00033. Online publication date: 26-Nov-2024
    • (2024) Practical Blind Signatures in Pairing-Free Groups. Advances in Cryptology – ASIACRYPT 2024, pp. 363-395. DOI: 10.1007/978-981-96-0875-1_12. Online publication date: 10-Dec-2024
    • (2024) Concurrently Secure Blind Schnorr Signatures. Advances in Cryptology – EUROCRYPT 2024, pp. 124-160. DOI: 10.1007/978-3-031-58723-8_5. Online publication date: 8-May-2024
    • (2023) RETRACT: Expressive Designated Verifier Anonymous Credentials. Proceedings of the 18th International Conference on Availability, Reliability and Security, pp. 1-12. DOI: 10.1145/3600160.3600191. Online publication date: 29-Aug-2023
    • (2023) Privacy-Preserving Proof-of-Location With Security Against Geo-Tampering. IEEE Transactions on Dependable and Secure Computing, 20:1, pp. 131-146. DOI: 10.1109/TDSC.2021.3128073. Online publication date: 1-Jan-2023
    • (2023) zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure. 2023 IEEE Symposium on Security and Privacy (SP), pp. 790-808. DOI: 10.1109/SP46215.2023.10179430. Online publication date: May-2023
    • (2023) Zero-Knowledge Predicates for Hashing to Prime: Theory and Applications. E-Business and Telecommunications, pp. 161-194. DOI: 10.1007/978-3-031-36840-0_9. Online publication date: 22-Jul-2023
    • (2023) SoK: Anonymous Credentials. Security Standardisation Research, pp. 129-151. DOI: 10.1007/978-3-031-30731-7_6. Online publication date: 7-Apr-2023
    • (2023) Rai-Choo! Evolving Blind Signatures to the Next Level. Advances in Cryptology – EUROCRYPT 2023, pp. 753-783. DOI: 10.1007/978-3-031-30589-4_26. Online publication date: 16-Apr-2023
