Functional Credentials

Authors: Dominic Deuber (Friedrich-Alexander-Universität ErlangenNürnberg), Matteo Maffei (TU Wien), Giulio Malavolta (FriedrichAlexander-Universität Erlangen-Nürnberg), Max Rabkin, Dominique Schröder (Friedrich-Alexander-Universität Erlangen-Nürnberg), Mark Simkin (Aarhus University)

Volume: 2018
Issue: 2
Pages: 64–84
DOI: https://doi.org/10.1515/popets-2018-0013

Download PDF

Abstract: A functional credential allows a user to anonymously prove possession of a set of attributes that fulfills a certain policy. The policies are arbitrary polynomially computable predicates that are evaluated over arbitrary attributes. The key feature of this primitive is the delegation of verification to third parties, called designated verifiers. The delegation protects the privacy of the policy: A designated verifier can verify that a user satisfies a certain policy without learning anything about the policy itself. We illustrate the usefulness of this property in different applications, including outsourced databases with access control. We present a new framework to construct functional credentials that does not require (non-interactive) zero-knowledge proofs. This is important in settings where the statements are complex and thus the resulting zero-knowledge proofs are not efficient. Our construction is based on any predicate encryption scheme and the security relies on standard assumptions. A complexity analysis and an experimental evaluation confirm the practicality of our approach.

Keywords: Anonymous Credentials, Anonymous Authentication

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.