Achtung:

Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

[Translate to English:] AG Codes und Kryptographie Show image information

[Translate to English:] AG Codes und Kryptographie

Anonymous Credential Systems

Anonymous credential systems are a means for authentication, i.e. a way to implement access control.

Currently authentication is mostly identity-based, i.e. in order to gain access to something, you tend to tell the access control mechanism exactly who you are. For example, on the internet, you typically authenticate with your email address and a password. When going to see an age-restricted movie, you present your passport to the cinema.

The issue is that during these processes, the user leaks a lot more information about their identity then perhaps necessary. For example, the cinema does not only learn that you are at least 18 years old from your passport, but also your full name, address, nationality, and your exact birth date.

Anonymous credentials provide a solution to that: they enable authentication without identification, i.e., you can prove some statement about yourself (e.g., that you are at least 18 years old, or that you have access rights to some resource), without revealing any other information about you. Like a passport, an anonymous credential encodes a list of authenticated attributes, e.g., name, address, nationality, birth date.

Unlike passports, however, anonymous credentials are privacy-preserving: you can prove a statement (e.g., “I am at least 18 years old”) about your attributes without revealing anything other than the validity of the statement (e.g., you do not reveal your name or exact birth date).

Anonymous credentials can be constructed by combining digital signatures (to authenticate attributes), zero-knowledge proofs (to prove statements about attributes), and commitments (to generate ephemeral pseudonyms).

They have applications for internet authentication, passport-like applications, or ticketing. The same techniques can also be applied to other contexts, like incentive systems.

Very generally, they put data sovereignty back into users’ hands: instead of having services store user data in a central database (where the user has no guarantees how it will be used), services can instead let the user store their own user data in the form of attributes of an anonymous credential. So services do not have access to all user data anymore, but the users manage their own data. Then users can choose to disclose only what is strictly necessary. The data is authenticated, so even though services do not control the data anymore, if a statement about them is proven, services can be sure that the statement is accurate.

Our goal is to improve anonymous credential systems to enable increasingly powerful applications with that sort of data minimization in mind.

If you want to learn more or work with us on improving user privacy, contact Jan Bobolz, Fabian Eidens. To learn more, consider our project group’s report and implementation. To implement a credential-like application yourself, implement it with Cryptimeleon, which has all the necessary building blocks at the ready.

Publications


Open list in Research Information System

Updatable Anonymous Credentials and Applications to Incentive Systems

J. Blömer, J. Bobolz, D.P. Diemert, F. Eidens, in: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19, 2019

In this paper, we introduce updatable anonymous credential systems (UACS) and use them to construct a new privacy-preserving incentive system. In a UACS, a user holding a credential certifying some attributes can interact with the corresponding issuer to update his attributes. During this, the issuer knows which update function is run, but does not learn the user's previous attributes. Hence the update process preserves anonymity of the user. One example for a class of update functions are additive updates of integer attributes, where the issuer increments an unknown integer attribute value v by some known value k. This kind of update is motivated by an application of UACS to incentive systems. Users in an incentive system can anonymously accumulate points, e.g. in a shop at checkout, and spend them later, e.g. for a discount.


Open list in Research Information System

The University for the Information Society