Published August 4, 2023 | Version v1
Journal article Open

RETRACT: Expressive Designated Verifier Anonymous Credentials

  • 1. Technical University of Denmark (DTU)
  • 2. Ubitech Ltd.

Description

Anonymous credentials (ACs) are digital cryptographically-secure versions of paper and digital credentials that let us selectively prove possession of encoded attributes (claims) to verifiers such as digital services, employers, or government departments without disclosing any other information. While attributes by governmental issuers usually reflect basic personal information about the credential holder (e.g., name, gender, age, address), attributes can also reflect more extensive claims about holders, such as the holder’s platform details and configuration. Since the attributes might be sensitive, it is popular to embed additional attributes in the credential about the existing attributes, e.g., that age is above 18, thus allowing a holder to show that their age satisfies some condition without revealing the exact age. However, since each verifier might have different policies that must be satisfied, it is becoming increasingly impractical for issuers to embed all possible claims in a credential. To mitigate this problem and allow arbitrary policies to be checked against individual attributes without complicating or overwhelming the credential, we propose to let verifiers dynamically define policies as high-level programs which can be verifiably executed by holders on their credentials. Furthermore, to mitigate the potential risk of dishonest verifiers attempting to benefit or otherwise leak sensitive information learned through this unlimited expressiveness of policies, we propose making the proofs designated verifier. Thus, any proof produced for one verifier cannot be used to convince another.

Notes

First submission version

Files

RETRACT__Expressive_Designated_Verifier_Anonymous_Credentials.pdf

Files (823.8 kB)

Additional details

Funding

ASSURED – Future Proofing of ICT Trust Chains: Sustainable Operational Assurance and Verification Remote Guards for Systems-of-Systems Security and Privacy 952697
European Commission