Date Added: May 2009
Storage of personal information by service providers risks privacy loss from data breaches. The prior work on minimal disclosure credentials presented a mechanism to limit the amount of personal information provided. In that work, personal data was broken into individual claims, which can be released in arbitrary subsets while still being cryptographically verifiable. In applying that work, the authors encountered the problem of connections between claims, which manifest as disclosure dependencies. In further prior work, they provided an efficient way to achieve minimal disclosure with cryptographic enforcement of dependencies between claims, as specified by the claims certifier. This paper provides security proofs showing that the scheme is secure against forgery and the violation of dependencies in the random oracle model.