Threshold Delegatable Anonymous Credentials With Controlled and Fine-Grained Delegation

被引:3
作者
Mir, Omid [1 ]
Slamanig, Daniel [2 ]
Mayrhofer, Rene [3 ]
机构
[1] Johannes Kepler Univ Linz, LIT Secure & Correct Syst Lab, A-4040 Linz, Austria
[2] AIT Austrian Inst Technol, A-1210 Vienna, Austria
[3] Johannes Kepler Univ Linz, Inst Networks & Secur, A-4040 Linz, Austria
基金
奥地利科学基金会;
关键词
Encryption; Public key; Privacy; Blockchains; Social networking (online); Metadata; Internet; Anonymous credential; subset predicate encryption; delegation; threshold issuance; PREDICATE ENCRYPTION; SIGNATURE;
D O I
10.1109/TDSC.2023.3303834
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Anonymous credential systems allow users to obtaina credential on multiple attributes from an organization and thenpresent it to verifiers in a way that no information beyond whatattributes are required to be shown is revealed. Moreover, multipleuses of the credential cannot be linked. Thus they represent anattractive tool to realize fine-grained privacy-friendly authentica-tion and access control. In order to avoid a single point of trustand failure, decentralized AC systems have been proposed. Theyeliminate the need for a trusted credential issuer, e.g., by relyingon a set of credential issuers that issue credentials in a thresholdmanner (e.g.,tout ofnf). In this article, we present a novel ACsystem with such a threshold issuance that additionally providescredential delegation. It represents the first decentralizedanddel-egatable AC system. We provide a rigorous formal framework forsuch threshold delegatable anonymous credentials (TDAC's). Ourconcrete approach departs from previous delegatable ACs and isinspired by the concept of functional credentials. More precisely,we propose a threshold delegatable subset predicate encryption(TDSPE) scheme and useTDSPEto construct aTDACschemeand present a comparison with previous work and performancebenchmarks based on a prototype implementation.
引用
收藏
页码:2312 / 2326
页数:15
相关论文
共 54 条
[1]  
Au W., P INT C SEC CRYPT NE
[2]  
Baron K., P INT C APPL CRYPT N
[3]  
Bauer L. Jia, P IEEE 23 COMP SEC F
[4]  
Belenkiy M, 2009, LECT NOTES COMPUT SC, V5677, P108, DOI 10.1007/978-3-642-03356-8_7
[5]   Ciphertext-policy attribute-based encryption [J].
Bethencourt, John ;
Sahai, Amit ;
Waters, Brent .
2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2007, :321-+
[6]  
Bichsel J., 2009, Tech. Rep. RZ3730
[7]   Foundations of Fully Dynamic Group Signatures [J].
Bootle, Jonathan ;
Cerulli, Andrea ;
Chaidos, Pyrros ;
Ghadafi, Essam ;
Groth, Jens .
APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, ACNS 2016, 2016, 9696 :117-136
[8]   Zero-knowledge authentication scheme with secret key exchange [J].
Brandt, J ;
Damgard, I ;
Landrock, P ;
Pedersen, T .
JOURNAL OF CRYPTOLOGY, 1998, 11 (03) :147-159
[9]  
Brickell E., 2004, 11 ACM C COMP COMM S, P132, DOI [10.1145/1030083.1030103, DOI 10.1145/1030083.1030103]
[10]  
Camenisch J, 2004, LECT NOTES COMPUT SC, V3152, P56