Privacy-Preserving Auditing for Attribute-Based Credentials

  • Jan Camenisch
  • Anja Lehmann
  • Gregory Neven
  • Alfredo Rial
Conference paper

DOI: 10.1007/978-3-319-11212-1_7

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)
Cite this paper as:
Camenisch J., Lehmann A., Neven G., Rial A. (2014) Privacy-Preserving Auditing for Attribute-Based Credentials. In: Kutyłowski M., Vaidya J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham

Abstract

Privacy-enhancing attribute-based credentials (PABCs) allow users to authenticate to verifiers in a data-minimizing way, in the sense that users are unlinkable between authentications and only disclose those attributes from their credentials that are relevant to the verifier. We propose a practical scheme to apply the same data minimization principle when the verifiers’ authentication logs are subjected to external audits. Namely, we propose an extended PABC scheme where the verifier can further remove attributes from presentation tokens before handing them to an auditor, while preserving the verifiability of the audit tokens. We present a generic construction based on a signature, a signature of knowledge and a trapdoor commitment scheme, prove it secure in the universal composability framework, and give an efficient instantiation based on the strong RSA assumption in the random-oracle model.

Keywords

Attribute-based credentials audits universal composability privacy-enhancing technologies 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jan Camenisch
    • 1
  • Anja Lehmann
    • 1
  • Gregory Neven
    • 1
  • Alfredo Rial
    • 1
  1. 1.IBM Research – ZurichRüschlikonSwitzerland

Personalised recommendations