Efficient Non-transferable Anonymous Multi-show Credential System with Optional Anonymity Revocation

A credential system is a system in which users can obtain credentials from organizations and can demonstrate possession of these credentials. Such a system is anonymous when transactions carried out by the same user cannot be related. An anonymous credential system is of significant practical relevance because it is the best means of providing privacy for users. In this paper, we propose a practical anonymous credential system considerably superior to existing ones:
(1) We give the first practical solution that allows a user to unlinkably demonstrate possession of a credential as many times as necessary without involving the issuing organization.
(2) We suggest more effective means of preventing users from sharing their identity, by introducing all-or-nothing sharing: a user who allows a friend to use her identity once, gives him the ability to use all of her credentials. This is implemented by a new cryptographic primitive, called circular encryption, which is of independent interest.
(3) To prevent misuse of anonymity, our scheme is the first to offer optional anonymity revocation for particular transactions.
(4) Our scheme offers separability: all organizations can choose their cryptographic keys independently of each other.

Keywords. Privacy protection, credential system, e-cash, blind-signatures, circular encryption.

By: J. Camenisch and A. Lysyanskaya

Published in: Lecture Notes in Computer Science, Springer-Verlag, vol. 2045, pp. 93-118, 2001

rz3295.pdf