Publication Type

Journal Article

Version

acceptedVersion

Publication Date

7-2024

Abstract

Attribute-based anonymous credentials offer users fine-grained access control in a privacy-preserving manner. However, in such schemes obtaining a user's credentials requires knowledge of the issuer's public key, which obviously reveals the issuer's identity that must be hidden from users in certain scenarios. Moreover, verifying a user's credentials also requires the knowledge of issuer's public key, which may infer the user's private information from their choice of issuer. In this article, we introduce the notion of double issuer-hiding attribute-based credentials ( DIHAC ) to tackle these two problems. In our model, a central authority can issue public-key credentials for a group of issuers, and users can obtain attribute-based credentials from one of the issuers without knowing which one it is. Then, a user can prove that their credential was issued by one of the authenticated issuers without revealing which one to a verifier. We provide a generic construction, as well as a concrete instantiation for DIHAC based on structure-preserving signatures on equivalence classes (JOC's 19) and a novel primitive which we call tag-based aggregatable mercurial signatures. Our construction is efficient without relying on zero-knowledge proofs. We provide rigorous evaluations on personal laptop and smartphone platforms, respectively, to demonstrate its practicability.

Keywords

Anonymous credentials, mercurial signatures, privacy preserving, issuer hiding

Discipline

Information Security | Theory and Algorithms

Research Areas

Cybersecurity

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

21

Issue

4

First Page

2585

Last Page

2602

ISSN

1545-5971

Identifier

10.1109/TDSC.2023.3314019

Publisher

Institute of Electrical and Electronics Engineers

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TDSC.2023.3314019

Download

Share

COinS