Hidden Issuer Anonymous Credential

Authors: Daniel Bosk (KTH), Davide Frey (Univ Rennes, CNRS, Inria, IRISA), Mathieu Gestin (Univ Rennes, CNRS, Inria, IRISA), Guillaume Piolle (CentraleSupélec, Inria, Univ Rennes, CNRS, IRISA)

Volume: 2022
Issue: 4
Pages: 571–607
DOI: https://doi.org/10.56553/popets-2022-0123

artifact

Download PDF

Abstract: Identity Management Systems (IMS) allow users to prove characteristics about themselves to multiple service providers. IMS evolved from impractical, site-by-site authentication, to versatile, privacyenhancing Self Sovereign Identity (SSI) Frameworks. SSI frameworks often use Anonymous Credential schemes to provide user privacy, and more precisely unlinkability between uses of these credentials. However, these schemes imply the disclosure of the identity of the Issuer of a given credential to any service provider. This can lead to information leaks. We deal with this problem by introducing a new Anonymous Credential scheme that allows a user to hide the Issuer of a credential, while being able to convince the service providers that they can trust the credential, in the absence of a trusted setup. We prove this new scheme secure under the Computational Diffie Hellman assumption, and Decisional Diffie Hellman assumption, in the Random Oracle Model. We show that this scheme is efficient enough to be used with laptops, and to be integrated into SSI frameworks or any other IMS.

Keywords: Anonymous Credential, Unlinkability, Issuer Indistinguishability, Hidden Issuer, Privacy

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.