
Formal Treatment of Privacy-Enhancing Credential Systems

  • Jan Camenisch
  • Stephan Krenn
  • Anja Lehmann
  • Gert Læssøe Mikkelsen
  • Gregory Neven
  • Michael Østergaard Pedersen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9566)

Abstract

Privacy-enhancing attribute-based credentials (PABCs) are the core ingredients of privacy-friendly authentication systems. They allow users to obtain credentials on attributes and prove possession of these credentials in an unlinkable fashion while revealing only a subset of the attributes. In practice, PABCs typically need additional features like revocation, pseudonyms as privacy-friendly user public keys, or advanced issuance where attributes can be “blindly” carried over into new credentials. For many such features, provably secure solutions exist in isolation, but it is unclear how to securely combine them into a full-fledged PABC system, or even which properties such a system should fulfill.

We provide a formal treatment of PABCs supporting a variety of features by defining their syntax and security properties, resulting in the most comprehensive definitional framework for PABCs so far. Unlike previous efforts, our definitions are not targeted at one specific use-case; rather, we try to capture generic properties that can be useful in a variety of scenarios. We believe that our definitions can also be used as a starting point for diverse application-dependent extensions and variations of PABCs. We present and prove secure a generic and modular construction of a PABC system from simpler building blocks, allowing for a “plug-and-play” composition based on different instantiations of the building blocks. Finally, we give secure instantiations for each of the building blocks.

Keywords

Privacy, Anonymous credentials, Provable security


Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Jan Camenisch (1)
  • Stephan Krenn (2)
  • Anja Lehmann (1)
  • Gert Læssøe Mikkelsen (3)
  • Gregory Neven (1)
  • Michael Østergaard Pedersen (4)

  1. IBM Research – Zurich, Rüschlikon, Switzerland
  2. AIT Austrian Institute of Technology GmbH, Vienna, Austria
  3. Alexandra Institute, Aarhus, Denmark
  4. Miracle A/S, Aarhus, Denmark
