Katholieke Universiteit Leuven
In anonymous credential schemes, users obtain credentials on certain attributes from an issuer, and later show these credentials to a relying party anonymously and without fully disclosing the attributes. In this paper, the authors introduce the notion of (anonymous) credential schemes with encrypted attributes, in which issuers certify credentials on encrypted attributes to users. These schemes allow for the possibility that none of the involved parties, including the user, learns the values of the attributes. In fact, they will treat several variations differing in which parties see which attributes in the clear.