Towards attribute-based credentials in the cloud

Abstract

Attribute-based credentials (ABCs, sometimes also anonymous credentials) are a core cryptographic building block of privacy-friendly authentication systems, allowing users to obtain credentials on attributes and prove possession of these credentials in an unlinkable fashion. Thereby, users have full control over which attributes the user wants to reveal to a third party while offering high authenticity guarantees to the receiver. Unfortunately, up to date, all known ABC systems require access to all attributes in the clear at the time of proving possession of a credential to a third party. This makes it hard to offer privacy-preserving identity management systems “as a service,” as the user still needs specific key material and/or dedicated software locally, e.g., on his device. We address this gap by proposing a new cloud-based ABC system where a dedicated cloud service (“wallet”) can present the users’ credentials to a third-party without accessing the attributes in the clear. This enables new privacy-preserving applications of ABCs “in the cloud.” This is achieved by carefully integrating proxy re-encryption with structure-preserving signatures and zero-knowledge proofs of knowledge. The user obtains credentials on his attributes (encrypted under his public key) and uploads them to the wallet, together with a specific re-encryption key. To prove a possession, the wallet re-encrypts the ciphertexts to the public key of the receiving third party and proves, in zero-knowledge, that all computations were done honestly. Thereby, the wallet never sees any user attribute in the clear. We show the practical efficiency of our scheme by giving concrete benchmarks of a prototype implementation.