Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

PAPR : Publicly Auditable Privacy Revocation for Anonymous Credentials

Brorsson, Joakim LU orcid ; David, Bernardo ; Gentile, Lorenzo ; Pagnin, Elena LU orcid and Wagner, Paul Stankovski LU (2023) Cryptographers’ Track at the RSA Conference, CT-RSA 2023 In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 13871 LNCS. p.163-190
Abstract

We study the notion of anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation. The first property implies that users keep their identity private when authenticating unless and until an appointed authority requests to revoke this privacy, retroactively. The second property enforces that auditors can verify whether or not this authority has revoked privacy from an issued credential (i.e. learned the identity of the user who owns that credential), holding the authority accountable. In other words, the second property enriches conditionally anonymous credential systems with transparency by design, effectively discouraging such... (More)

We study the notion of anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation. The first property implies that users keep their identity private when authenticating unless and until an appointed authority requests to revoke this privacy, retroactively. The second property enforces that auditors can verify whether or not this authority has revoked privacy from an issued credential (i.e. learned the identity of the user who owns that credential), holding the authority accountable. In other words, the second property enriches conditionally anonymous credential systems with transparency by design, effectively discouraging such systems from being used for mass surveillance. In this work, we introduce the notion of a PAPR anonymous credential scheme, formalize it as an ideal functionality, and present constructions that are provably secure under standard assumptions in the Universal Composability framework. The core tool in our PAPR construction is a mechanism for randomly selecting an anonymous committee which users secret share their identity information towards, while hiding the identities of the committee members from the authority. As a consequence, in order to initiate the revocation process for a given credential, the authority is forced to post a request on a public bulletin board used as a broadcast channel to contact the anonymous committee that holds the keys needed to decrypt the identity connected to the credential. This mechanism makes the user de-anonymization publicly auditable.

(Less)
Please use this url to cite or link to this publication:
author
; ; ; and
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
host publication
Topics in Cryptology – CT-RSA 2023 - Cryptographers’ Track at the RSA Conference 2023, Proceedings
series title
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
editor
Rosulek, Mike
volume
13871 LNCS
pages
28 pages
publisher
Springer Science and Business Media B.V.
conference name
Cryptographers’ Track at the RSA Conference, CT-RSA 2023
conference location
San Francisco, United States
conference dates
2023-04-24 - 2023-04-27
external identifiers
  • scopus:85161390418
ISSN
1611-3349
0302-9743
ISBN
9783031308710
DOI
10.1007/978-3-031-30872-7_7
language
English
LU publication?
yes
id
14967cac-620a-4fb5-880a-1c71318d02dd
date added to LUP
2023-09-15 14:29:52
date last changed
2024-04-19 00:59:29
@inproceedings{14967cac-620a-4fb5-880a-1c71318d02dd,
  abstract     = {{<p>We study the notion of anonymous credentials with Publicly Auditable Privacy Revocation (PAPR). PAPR credentials simultaneously provide conditional user privacy and auditable privacy revocation. The first property implies that users keep their identity private when authenticating unless and until an appointed authority requests to revoke this privacy, retroactively. The second property enforces that auditors can verify whether or not this authority has revoked privacy from an issued credential (i.e. learned the identity of the user who owns that credential), holding the authority accountable. In other words, the second property enriches conditionally anonymous credential systems with transparency by design, effectively discouraging such systems from being used for mass surveillance. In this work, we introduce the notion of a PAPR anonymous credential scheme, formalize it as an ideal functionality, and present constructions that are provably secure under standard assumptions in the Universal Composability framework. The core tool in our PAPR construction is a mechanism for randomly selecting an anonymous committee which users secret share their identity information towards, while hiding the identities of the committee members from the authority. As a consequence, in order to initiate the revocation process for a given credential, the authority is forced to post a request on a public bulletin board used as a broadcast channel to contact the anonymous committee that holds the keys needed to decrypt the identity connected to the credential. This mechanism makes the user de-anonymization publicly auditable.</p>}},
  author       = {{Brorsson, Joakim and David, Bernardo and Gentile, Lorenzo and Pagnin, Elena and Wagner, Paul Stankovski}},
  booktitle    = {{Topics in Cryptology – CT-RSA 2023 - Cryptographers’ Track at the RSA Conference 2023, Proceedings}},
  editor       = {{Rosulek, Mike}},
  isbn         = {{9783031308710}},
  issn         = {{1611-3349}},
  language     = {{eng}},
  pages        = {{163--190}},
  publisher    = {{Springer Science and Business Media B.V.}},
  series       = {{Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)}},
  title        = {{PAPR : Publicly Auditable Privacy Revocation for Anonymous Credentials}},
  url          = {{http://dx.doi.org/10.1007/978-3-031-30872-7_7}},
  doi          = {{10.1007/978-3-031-30872-7_7}},
  volume       = {{13871 LNCS}},
  year         = {{2023}},
}