An­onym­ous Cre­den­tial Sys­tems

Anonymous credential systems are a means for authentication, i.e. a way to implement access control.

Currently authentication is mostly identity-based, i.e. in order to gain access to something, you tend to tell the access control mechanism exactly who you are. For example, on the internet, you typically authenticate with your email address and a password. When going to see an age-restricted movie, you present your passport to the cinema.

The issue is that during these processes, the user leaks a lot more information about their identity then perhaps necessary. For example, the cinema does not only learn that you are at least 18 years old from your passport, but also your full name, address, nationality, and your exact birth date.

Anonymous credentials provide a solution to that: they enable authentication without identification, i.e., you can prove some statement about yourself (e.g., that you are at least 18 years old, or that you have access rights to some resource), without revealing any other information about you. Like a passport, an anonymous credential encodes a list of authenticated attributes, e.g., name, address, nationality, birth date.

Unlike passports, however, anonymous credentials are privacy-preserving: you can prove a statement (e.g., “I am at least 18 years old”) about your attributes without revealing anything other than the validity of the statement (e.g., you do not reveal your name or exact birth date).

Anonymous credentials can be constructed by combining digital signatures (to authenticate attributes), zero-knowledge proofs (to prove statements about attributes), and commitments (to generate ephemeral pseudonyms).

They have applications for internet authentication, passport-like applications, or ticketing. The same techniques can also be applied to other contexts, like incentive systems.

Very generally, they put data sovereignty back into users’ hands: instead of having services store user data in a central database (where the user has no guarantees how it will be used), services can instead let the user store their own user data in the form of attributes of an anonymous credential. So services do not have access to all user data anymore, but the users manage their own data. Then users can choose to disclose only what is strictly necessary. The data is authenticated, so even though services do not control the data anymore, if a statement about them is proven, services can be sure that the statement is accurate.

Our goal is to improve anonymous credential systems to enable increasingly powerful applications with that sort of data minimization in mind.

If you want to learn more or work with us on improving user privacy, contact Jan Bobolz, Fabian Eidens. To learn more, consider our project group’s report and implementation. To implement a credential-like application yourself, implement it with Cryptimeleon, which has all the necessary building blocks at the ready.


Updatable Anonymous Credentials and Applications to Incentive Systems

J. Blömer, J. Bobolz, D.P. Diemert, F. Eidens, in: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS ’19, 2019.

Show all publications