Threshold Delegatable Anonymous Credentials With Controlled and Fine-Grained Delegation

Anonymous credential systems allow users to obtaina credential on multiple attributes from an organization and thenpresent it to verifiers in a way that no information beyond whatattributes are required to be shown is revealed. Moreover, multipleuses of the credential cannot be linked. Thus they represent anattractive tool to realize fine-grained privacy-friendly authentica-tion and access control. In order to avoid a single point of trustand failure, decentralized AC systems have been proposed. Theyeliminate the need for a trusted credential issuer, e.g., by relyingon a set of credential issuers that issue credentials in a thresholdmanner (e.g.,tout ofnf). In this article, we present a novel ACsystem with such a threshold issuance that additionally providescredential delegation. It represents the first decentralizedanddel-egatable AC system. We provide a rigorous formal framework forsuch threshold delegatable anonymous credentials (TDAC's). Ourconcrete approach departs from previous delegatable ACs and isinspired by the concept of functional credentials. More precisely,we propose a threshold delegatable subset predicate encryption(TDSPE) scheme and useTDSPEto construct aTDACschemeand present a comparison with previous work and performancebenchmarks based on a prototype implementation.