Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Revocable Anonymous Credentials from Attribute-Based Encryption

Giovanni Bartolomeo

TL;DR

This paper addresses the challenge of providing revocable, anonymous credentials capable of proving predicates over attributes without revealing identities. It combines Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with dynamic accumulators to support forward revocation and uses a Fujisaki-Okamoto transformation to achieve Concealed-Ciphertext Anonymity (CCA) security. The main contributions include a revocable functional credentials framework grounded in CP-WATERS-KEM, an accumulator-based revocation mechanism, and a CCA-secure anonymity layer that preserves predicate proving while preventing linkage across sessions. The approach enables practical deployment in existing authentication workflows by avoiding heavy zero-knowledge proofs and leveraging established CP-ABE primitives and the OpenABE ecosystem. Overall, the work provides a scalable, policy-expressive, and privacy-preserving solution for revocable anonymous credentials with strong security guarantees.

Abstract

We introduce a credential verification protocol leveraging on Ciphertext-Policy Attribute-Based Encryption. The protocol supports anonymous proof of predicates and revocation through accumulators.

Revocable Anonymous Credentials from Attribute-Based Encryption

TL;DR

This paper addresses the challenge of providing revocable, anonymous credentials capable of proving predicates over attributes without revealing identities. It combines Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with dynamic accumulators to support forward revocation and uses a Fujisaki-Okamoto transformation to achieve Concealed-Ciphertext Anonymity (CCA) security. The main contributions include a revocable functional credentials framework grounded in CP-WATERS-KEM, an accumulator-based revocation mechanism, and a CCA-secure anonymity layer that preserves predicate proving while preventing linkage across sessions. The approach enables practical deployment in existing authentication workflows by avoiding heavy zero-knowledge proofs and leveraging established CP-ABE primitives and the OpenABE ecosystem. Overall, the work provides a scalable, policy-expressive, and privacy-preserving solution for revocable anonymous credentials with strong security guarantees.

Abstract

We introduce a credential verification protocol leveraging on Ciphertext-Policy Attribute-Based Encryption. The protocol supports anonymous proof of predicates and revocation through accumulators.
Paper Structure (17 sections, 2 theorems, 20 equations)

This paper contains 17 sections, 2 theorems, 20 equations.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Revocable Functional Credentials
  4. CP-WATERS-KEM
  5. Revocation
  6. Amendments to CP-WATERS-KEM
  7. CP-WATERS-KEM plus Accumulators
  8. Correctness
  9. Security
  10. Verification Protocol
  11. Anonymity
  12. CCA-secure Encryption Algorithm
  13. CCA-secure Decryption Algorithm
  14. Security
  15. Related Works
  16. ...and 2 more sections

Key Result

theorem thmcountertheorem

A polynomial time adversary, acting as a Verifier, cannot distinguish between any two provers with different CP-WATERS-KEM keys, if their keys both satisfy (or not satisfy) the same access structure they are tested against.

Theorems & Definitions (4)

  • theorem thmcountertheorem
  • proof
  • theorem thmcountertheorem
  • proof