A pairing-based anonymous credential system with efficient attribute proofs

Amang Sudarsono, Toru Nakanishi, Nobuo Funabiki

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

To enhance user privacy, anonymous credential systems allow the user to convince a verifier of the possession of a certificate issued by the issuing authority anonymously. The typical application is the privacy-enhancing electronic ID (eID). Although a previously proposed system achieves the constant complexity in the number of finiteset attributes of the user, it requires the use of RSA. In this paper, we propose a pairing-based anonymous credential system excluding RSA that achieves the constant complexity. The key idea of our proposal is the adoption of a pairing-based accumulator that outputs a constant-size value from a large set of input values. Using zero-knowledge proofs of pairing-based certificates and accumulators, any AND and OR relation can be proved with the constant complexity in the number of finite-set attributes. We implement the proposed system using the fast pairing library, compare the efficiency with the conventional systems, and show the practicality in a mobile eID application.

Original languageEnglish
Pages (from-to)774-784
Number of pages11
JournalJournal of Information Processing
Volume20
Issue number3
DOIs
Publication statusPublished - 2012

Keywords

  • Accumulators
  • Anonymity
  • Anonymous credentials
  • Attributes
  • Pairings

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

A pairing-based anonymous credential system with efficient attribute proofs. / Sudarsono, Amang; Nakanishi, Toru; Funabiki, Nobuo.

In: Journal of Information Processing, Vol. 20, No. 3, 2012, p. 774-784.

Research output: Contribution to journalArticle

@article{a554e7154c6d4033876e7ccb737fb4ac,
title = "A pairing-based anonymous credential system with efficient attribute proofs",
abstract = "To enhance user privacy, anonymous credential systems allow the user to convince a verifier of the possession of a certificate issued by the issuing authority anonymously. The typical application is the privacy-enhancing electronic ID (eID). Although a previously proposed system achieves the constant complexity in the number of finiteset attributes of the user, it requires the use of RSA. In this paper, we propose a pairing-based anonymous credential system excluding RSA that achieves the constant complexity. The key idea of our proposal is the adoption of a pairing-based accumulator that outputs a constant-size value from a large set of input values. Using zero-knowledge proofs of pairing-based certificates and accumulators, any AND and OR relation can be proved with the constant complexity in the number of finite-set attributes. We implement the proposed system using the fast pairing library, compare the efficiency with the conventional systems, and show the practicality in a mobile eID application.",
keywords = "Accumulators, Anonymity, Anonymous credentials, Attributes, Pairings",
author = "Amang Sudarsono and Toru Nakanishi and Nobuo Funabiki",
year = "2012",
doi = "10.2197/ipsjjip.20.774",
language = "English",
volume = "20",
pages = "774--784",
journal = "Journal of Information Processing",
issn = "0387-5806",
publisher = "Information Processing Society of Japan",
number = "3",

}

TY - JOUR

T1 - A pairing-based anonymous credential system with efficient attribute proofs

AU - Sudarsono, Amang

AU - Nakanishi, Toru

AU - Funabiki, Nobuo

PY - 2012

Y1 - 2012

N2 - To enhance user privacy, anonymous credential systems allow the user to convince a verifier of the possession of a certificate issued by the issuing authority anonymously. The typical application is the privacy-enhancing electronic ID (eID). Although a previously proposed system achieves the constant complexity in the number of finiteset attributes of the user, it requires the use of RSA. In this paper, we propose a pairing-based anonymous credential system excluding RSA that achieves the constant complexity. The key idea of our proposal is the adoption of a pairing-based accumulator that outputs a constant-size value from a large set of input values. Using zero-knowledge proofs of pairing-based certificates and accumulators, any AND and OR relation can be proved with the constant complexity in the number of finite-set attributes. We implement the proposed system using the fast pairing library, compare the efficiency with the conventional systems, and show the practicality in a mobile eID application.

AB - To enhance user privacy, anonymous credential systems allow the user to convince a verifier of the possession of a certificate issued by the issuing authority anonymously. The typical application is the privacy-enhancing electronic ID (eID). Although a previously proposed system achieves the constant complexity in the number of finiteset attributes of the user, it requires the use of RSA. In this paper, we propose a pairing-based anonymous credential system excluding RSA that achieves the constant complexity. The key idea of our proposal is the adoption of a pairing-based accumulator that outputs a constant-size value from a large set of input values. Using zero-knowledge proofs of pairing-based certificates and accumulators, any AND and OR relation can be proved with the constant complexity in the number of finite-set attributes. We implement the proposed system using the fast pairing library, compare the efficiency with the conventional systems, and show the practicality in a mobile eID application.

KW - Accumulators

KW - Anonymity

KW - Anonymous credentials

KW - Attributes

KW - Pairings

UR - http://www.scopus.com/inward/record.url?scp=84871219661&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84871219661&partnerID=8YFLogxK

U2 - 10.2197/ipsjjip.20.774

DO - 10.2197/ipsjjip.20.774

M3 - Article

AN - SCOPUS:84871219661

VL - 20

SP - 774

EP - 784

JO - Journal of Information Processing

JF - Journal of Information Processing

SN - 0387-5806

IS - 3

ER -