Usually, authentication (e.g., via user name and password) serves the purpose of establishing the exact identity of someone requesting access to something (e.g., access to credit card details). However, in many scenarios access should be granted to a group of people and it does not matter which member of the group requests access. For example, this may be the case for physical doors or for online subscription-based content. In these scenarios, it becomes interesting to look at more complex authentication schemes, where a user is even able to authenticate herself anonymously, i.e. as part of a larger group without revealing her own identity. 

Anonymous Credential Systems offer such functionality: some party issues credentials to users. The credentials may be used as a means of authentication. To authenticate, a user runs a cryptographic interactive (“zero-knowledge”) protocol where the only information revealed about her is possession of a credential (i.e. membership in the group of people with similar credentials).

In essence, this allows users to access restricted services without revealing personal information. This serves as protection against tracing a user's activity among multiple services and creating extensive profiles that violate our expectation of privacy.

In the project group, the main goal is to theoretically examine and practically implement an anonymous credential system (and a similar treatment for anonymous reputation systems compatible with the implemented credential system).

What we offer:

• A meaningful project: We plan to publish the resulting software. Furthermore, it will be used for the SFB 901 testbed implementation of on-the-fly markets.
• Challenging theoretical tasks in the field of cryptography: design and security proof of a complex scheme built upon digital signatures, zero-knowledge proof of knowledge protocols, secret sharing schemes, and other powerful primitives.
• Challenging implementation tasks: design of nontrivial protocols and interfaces, implementation of security-critical systems, creating software support for powerful cryptographic primitives (e.g., implementing a compiler for declaratively defined cryptographic protocols), ...

As such, the project comprises interesting aspects for both the theoretically inclined and the students who enjoy working on implementation. Note that we expect every student to understand and work on the basic theoretical aspects of the implemented schemes. However, we explicitly encourage each participant to set a focus on theory, implementation, or a combination of those, depending on their inclination.

• Final documentation of the project group
• github release of the code (renamed CLARC)