Attack on U-Prove Revocation Scheme from FC’13 - Passing Verification by Revoked Users

  • Lucjan Hanzlik
  • Kamil Kluczniak
  • Mirosław Kutyłowski
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8437)


We analyse security of the scheme proposed in the paper “Accumulators and U-Prove Revocation” from the Financial Cryptography 2013 proceedings. Its authors propose an extension for the U-Prove, the credential system developed by Microsoft. This extension allows to revoke tokens (containers for credentials) using a new cryptographic accumulator scheme. We show that, under certain conditions, there exists a weakness that allows a user to pass the verification while using a revoked U-Prove token. It follows that the proposed solution fails to fulfil the primary goal of revocation schemes.

Recently, a closely related system has been published by Microsoft Research in “U-Prove Designated-Verifier Accumulator Revocation Extension, Draft 1 Revision”. Our attack does not work for this scheme, but the draft lacks formal justification and we cannot exclude problems of this kind.


Anonymous credential Attribute U-Prove Revocation Attack 


  1. 1.
    Microsoft: U-Prove. Webpage of the project (2013).
  2. 2.
    Brands, S.: Untraceable off-line cash in wallets with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)Google Scholar
  3. 3.
    Brands, S.A.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy, 1st edn. MIT Press, Cambridge/London (2000).
  4. 4.
    Acar, T., Chow, S.S.M., Nguyen, L.: Accumulators and U-Prove revocation. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 189–196. Springer, Heidelberg (2013)Google Scholar
  5. 5.
    Lan Nguyen, C.P.: U-Prove designated-verifier accumulator revocation extension. Technical report Draft Revision 1, Microsoft Research (2013)Google Scholar

Copyright information

© International Financial Cryptography Association 2014

Authors and Affiliations

  • Lucjan Hanzlik
    • 1
  • Kamil Kluczniak
    • 1
  • Mirosław Kutyłowski
    • 1
  1. 1.Faculty of Fundamental Problems of TechnologyWrocław University of TechnologyWrocławPoland

Personalised recommendations