Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
SAC '99 Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signature schemes and applications to cryptographic protocol design
Signature schemes and applications to cryptographic protocol design
Blacklistable anonymous credentials: blocking misbehaving users without ttps
Proceedings of the 14th ACM conference on Computer and communications security
Efficient blind and partially blind signatures without random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Access with Fast Batch Verifiable Anonymous Credentials
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Block-wise p-signatures and non-interactive anonymous credentials with efficient attributes
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
This paper presents an efficient anonymous credential system that includes two variants. One is a system that lacks a credential revoking protocol, but provides perfect anonymity-unlinkability and computational unforgeability under the strong Diffie-Hellman assumption. It is more efficient than existing credential systems with no revocation. The other is a system that provides revocation as well as computational anonymity-unlinkability and unforgeability under the strong Diffie-Hellman and decision linear Diffie-Hellman assumptions. This system provides two types of revocation simultaneously: one is to blacklist a user who acted wrong so that he can no longer use his credential, and the other is identifying a user who acted wrong from his usage of credential. Both systems are provably secure under the above-mentioned assumptions in the standard model.