Updatable Anonymous Credentials and Applications to Incentive Systems

We introduce updatable anonymous credential systems (UACS) and use them to construct a new privacy-preserving incentive system. In a UACS, a user holding a credential certifying some attributes can interact with the corresponding issuer to update his attributes. During this, the issuer knows which update function is run, but does not learn the user's previous attributes. Hence the update process preserves anonymity of the user. One example for a class of update functions are additive updates of integer attributes, where the issuer increments an unknown integer attribute value v by some known value k. This kind of update is motivated by an application of UACS to incentive systems. Users in an incentive system can anonymously accumulate points, e.g. in a shop at checkout, and spend them later, e.g. for a discount. In this paper, we (1) formally define UACS and their security, (2) give a generic construction for UACS supporting arbitrary update functions, and (3) construct a new incentive system using UACS that is efficient while offering offline double-spending protection and partial spending.

[1]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[2]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[3]  Johannes Blömer,et al.  Delegatable Attribute-based Anonymous Credentials from Dynamically Malleable Signatures , 2018, IACR Cryptol. ePrint Arch..

[4]  Bart De Decker,et al.  A Fair Anonymous Submission and Review System , 2006, Communications and Multimedia Security.

[5]  Matthew Green,et al.  Decentralized Anonymous Credentials , 2014, NDSS.

[6]  David Pointcheval,et al.  Short Randomizable Signatures , 2016, CT-RSA.

[7]  Markulf Kohlweiss,et al.  P-signatures and Noninteractive Anonymous Credentials , 2008, TCC.

[8]  Abhi Shelat,et al.  Efficient Protocols for Set Membership and Range Proofs , 2008, ASIACRYPT.

[9]  Matthew Green,et al.  Access controls for oblivious and anonymous systems , 2011, TSEC.

[10]  Claudio Soriente,et al.  Solving Revocation with Efficient Update of Anonymous Credentials , 2010, SCN.

[11]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[12]  Max Hoffmann,et al.  BBA+: Improving the Security and Applicability of Privacy-Preserving Point Collection , 2017, CCS.

[13]  Bart De Decker,et al.  Anonymous updating of credentials , 2005 .

[14]  Kai Bemmann,et al.  Fully-Featured Anonymous Credentials with Reputation System , 2018, ARES.

[15]  Tibor Jager,et al.  Black-Box Accumulation: Collecting Incentives in a Privacy-Preserving Way , 2016, Proc. Priv. Enhancing Technol..

[16]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[17]  Jan Camenisch,et al.  Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain , 2017, CCS.

[18]  Ivan Damgård,et al.  Efficient Concurrent Zero-Knowledge in the Auxiliary String Model , 2000, EUROCRYPT.

[19]  Bart De Decker,et al.  uCentive: An Efficient, Anonymous and Unlinkable Incentives Scheme , 2015, TrustCom 2015.