Hidden Issuer Anonymous Credential

Identity Management Systems (IMS) allow users to prove characteristics about themselves to multiple service providers. IMS evolved from impractical, site-by-site authentication, to versatile, privacyenhancing Self Sovereign Identity (SSI) Frameworks. SSI frameworks often use Anonymous Credential sch...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Proceedings on Privacy Enhancing Technologies 2022-10, Vol.2022 (4), p.571-607
Hauptverfasser: Bosk, Daniel, Frey, Davide, Gestin, Mathieu, Piolle, Guillaume
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Identity Management Systems (IMS) allow users to prove characteristics about themselves to multiple service providers. IMS evolved from impractical, site-by-site authentication, to versatile, privacyenhancing Self Sovereign Identity (SSI) Frameworks. SSI frameworks often use Anonymous Credential schemes to provide user privacy, and more precisely unlinkability between uses of these credentials. However, these schemes imply the disclosure of the identity of the Issuer of a given credential to any service provider. This can lead to information leaks. We deal with this problem by introducing a new Anonymous Credential scheme that allows a user to hide the Issuer of a credential, while being able to convince the service providers that they can trust the credential, in the absence of a trusted setup. We prove this new scheme secure under the Computational Diffie Hellman assumption, and Decisional Diffie Hellman assumption, in the Random Oracle Model. We show that this scheme is efficient enough to be used with laptops, and to be integrated into SSI frameworks or any other IMS.
ISSN:2299-0984
2299-0984
DOI:10.56553/popets-2022-0123