Delegatable Attribute-Based Anonymous Credentials from Dynamically Malleable Signatures
We introduce the notion of delegatable attribute-based anonymous credentials (DAAC). Such systems offer fine-grained anonymous access control and they give the credential holder the ability to issue more restricted credentials to other users. In our model, credentials are parameterized with attributes that (1) express what the credential holder himself has been certified and (2) define which attributes he may issue to others. Furthermore, we present a practical construction of DAAC. For this construction, we deviate from the usual approach of embedding a certificate chain in the credential. Instead, we introduce a novel approach for which we identify a new primitive we call dynamically malleable signatures (DMS) as the main ingredient. This primitive may be of independent interest. We also give a first instantiation of DMS with efficient protocols.
KeywordsDelegatable credentials Anonymous credentials Malleable signatures Attribute-based credentials Authentication
- 4.Belenkiy, M., Camenisch, J., Chase, M., Kohlweiss, M., Lysyanskaya, A., Shacham, H.: Randomizable proofs and delegatable anonymous credentials. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 108–125. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_7CrossRefGoogle Scholar
- 6.Camenisch, J., Drijvers, M., Dubovitskaya, M.: Practical UC-secure delegatable credentials with attributes and their application to blockchain. In: CCS, pp. 683–699. ACM (2017)Google Scholar
- 7.Chase, M., Kohlweiss, M., Lysyanskaya, A., Meiklejohn, S.: Malleable signatures: new definitions and delegatable anonymous credentials. In: CSF 2014, pp. 199–213. IEEE (2014)Google Scholar
- 14.Fuchsbauer, G.: Commuting signatures and verifiable encryption and an application to non-interactively delegatable credentials. IACR Cryptology ePrint Archive 2010/233 (2010). http://eprint.iacr.org/2010/233
- 15.Lysyanskaya, A.: Signature schemes and applications to cryptographic protocol design. Ph.D. thesis, Massachusetts Institute of Technology (2002). http://groups.csail.mit.edu/cis/theses/anna-phd.pdf