Delegatable Attribute-Based Anonymous Credentials from Dynamically Malleable Signatures

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10892)

Abstract

We introduce the notion of delegatable attribute-based anonymous credentials (DAAC). Such systems offer fine-grained anonymous access control and they give the credential holder the ability to issue more restricted credentials to other users. In our model, credentials are parameterized with attributes that (1) express what the credential holder himself has been certified and (2) define which attributes he may issue to others. Furthermore, we present a practical construction of DAAC. For this construction, we deviate from the usual approach of embedding a certificate chain in the credential. Instead, we introduce a novel approach for which we identify a new primitive we call dynamically malleable signatures (DMS) as the main ingredient. This primitive may be of independent interest. We also give a first instantiation of DMS with efficient protocols.

Keywords

Delegatable credentials, Anonymous credentials, Malleable signatures, Attribute-based credentials, Authentication

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. Paderborn University, Paderborn, Germany
