Algebraic MACs and Keyed-Verification Anonymous Credentials

The authors consider the problem of constructing anonymous credentials for use in a setting where the issuer of credentials is also the verifier, or more generally where the issuer and verifier have a shared key. In this setting they can use Message Authentication Codes (MACs) instead of public key signatures as the basis for the credential system. To this end, they construct two algebraic MACs in prime-order groups, along with efficient protocols for issuing credentials, asserting possession a credential, and proving statements about hidden attributes (e.g., the age of the credential owner).

Provided by: UC Regents Topic: Security Date Added: Oct 2013 Format: PDF

Find By Topic