A multi-purpose proof system — for identity and membership proofs

Abstract

In this paper, we propose a multi-purpose proof system which allows a user to perform various proof protocols needing to remember only one piece of secret data. These proofs include identity proof, membership proof without revealing one's identity, and combined identity and membership proof. When a user participates in a group, he will obtain a secret witness corresponding to the group's name from some administrator of the group. Using the secret witness, the user can prove his membership in this group. Many secret witnesses can be combined into one piece of secret data. From the secret data, the user can obtain the secret witness of the group he participates in. If the user participates in a new group afterward, he can also easily update his secret data. But the size of the secret data is independent of the number of the groups in which the user participates. Our system satisfies other desirable properties which were not attained by the previously proposed systems.