Paper 2007/384

Non-Interactive Anonymous Credentials

Mira Belenkiy, Melissa Chase, Markulf Kohlweiss, and Anna Lysyanskaya

Abstract

In this paper, we introduce P-signatures. A P-signature scheme consists of a signature scheme, a commitment scheme, and (1) an interactive protocol for obtaining a signature on a committed value; (2) a non-interactive proof system for proving that the contents of a commitment has been signed; (3) a non-interactive proof system for proving that a pair of commitments are commitments to the same value. We give a definition of security for P-signatures and show how they can be realized under appropriate assumptions about groups with bilinear map. Namely, we make extensive use of the powerful suite of non-interactive proof techniques due to Groth and Sahai. Our P-signatures enable, for the first time, the design of a practical non-interactive anonymous credential system whose security does not rely on the random oracle model. In addition, they may serve as a useful building block for other privacy-preserving authentication mechanisms.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Manuscript
Keywords
zero knowledgeanonymous credentialsCL-signatures
Contact author(s)
markulf kohlweiss @ esat kuleuven be
History
2007-10-06: revised
2007-10-04: received
See all versions
Short URL
https://ia.cr/2007/384
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/384,
      author = {Mira Belenkiy and Melissa Chase and Markulf Kohlweiss and Anna Lysyanskaya},
      title = {Non-Interactive Anonymous Credentials},
      howpublished = {Cryptology ePrint Archive, Paper 2007/384},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/384}},
      url = {https://eprint.iacr.org/2007/384}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.