Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials

  • Jan Camenisch
  • Anna Lysyanskaya
Conference paper

DOI: 10.1007/3-540-45708-9_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2442)
Cite this paper as:
Camenisch J., Lysyanskaya A. (2002) Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials. In: Yung M. (eds) Advances in Cryptology — CRYPTO 2002. CRYPTO 2002. Lecture Notes in Computer Science, vol 2442. Springer, Berlin, Heidelberg

Abstract

We introduce the notion of a dynamic accumulator. An accumulator scheme allows one to hash a large set of inputs into one short value, such that there is a short proof that a given input was incorporated into this value. A dynamic accumulator allows one to dynamically add and delete a value, such that the cost of an add or delete is independent of the number of accumulated values. We provide a construction of a dynamic accumulator and an efficient zero-knowledge proof of knowledge of an accumulated value. We prove their security under the strong RSA assumption. We then show that our construction of dynamic accumulators enables efficient revocation of anonymous credentials, and membership revocation for recent group signature and identity escrow schemes.

Keywords

Dynamic accumulators anonymity certificate revocation group signatures credential systems identity escrow 
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Jan Camenisch
    • 1
  • Anna Lysyanskaya
    • 2
  1. 1.Zurich Research LaboratoryIBM ResearchRüschlikon
  2. 2.MIT LCSCambridgeUSA

Personalised recommendations