Introducing proxy zero-knowledge proof and utilization in anonymous credential systems

In pseudonym systems, users by means of pseudonyms anonymously interact with organizations to obtain credentials. The credential scheme constructed by Lysyanskaya and Camenisch is among the most complete credential systems, in which “all-or-nothing” sharing scheme is used to prevent users sharing their credentials. If a user cannot directly show a credential issued by an organization, she or he has to give her or his own secret key to someone else as a proxy; afterward, the proxy can show the credential on behalf of the user. Thus, according to the all-or-nothing property of the system, having the user's secret key, the proxy can use all credentials of the user for itself. To solve this problem, in this paper, we present proxy zero-knowledge proof and utilize it in Lysyanskaya and Camenisch anonymous credential system. In our proposed system, instead of giving the secret key to the proxy, the user generates a proxy key based on the desired credential particularly for the proxy. Therefore, the proxy neither is the owner of the user's credential nor uses his or her other credentials. Copyright © 2012 John Wiley & Sons, Ltd.

[1]  Ronggong Song,et al.  Pseudonym Technology for E-Services , 2006 .

[2]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[3]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[4]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[5]  Hans Vangheluwe,et al.  Anonymous k -Show Credentials , 2007, EuroPKI.

[6]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[7]  Dongho Won,et al.  Proxy signatures, Revisited , 1997, ICICS.

[8]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[9]  Lidong Chen Access with Pseudonyms , 1995, Cryptography: Policy and Algorithms.

[10]  David Chaum,et al.  A Secure and Privacy-protecting Protocol for Transmitting Personal Information Between Organizations , 1986, CRYPTO.

[11]  Byoungcheon Lee,et al.  Strong Proxy Signature and its Applications , 2000 .

[12]  Yuan Zhou,et al.  Proxy blind multi-signature scheme without a secure channel , 2005, Appl. Math. Comput..

[13]  Ivan Damgård,et al.  A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order , 2002, ASIACRYPT.

[14]  Eric R. Verheul,et al.  Self-Blindable Credential Certificates from the Weil Pairing , 2001, ASIACRYPT.

[15]  Shuhong Wang,et al.  New Efficient Proxy Blind Signature Scheme Using Verifiable Self-certified Public Key , 2007, Int. J. Netw. Secur..

[16]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[17]  Germán Sáez,et al.  Revisiting Fully Distributed Proxy Signature Schemes , 2004, INDOCRYPT.

[18]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[19]  M. Mambo,et al.  Proxy Signatures: Delegation of the Power to Sign Messages (Special Section on Information Theory and Its Applications) , 1996 .

[20]  Junliang Chen,et al.  A Delegation Solution for Universal Identity Management in SOA , 2011, IEEE Transactions on Services Computing.

[21]  Eiji Okamoto,et al.  Proxy signatures for delegating signing operation , 1996, CCS '96.

[22]  Fabrice Boudot,et al.  Efficient Proofs that a Committed Number Lies in an Interval , 2000, EUROCRYPT.

[23]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[24]  Xiaohu Yang,et al.  Designated-receiver proxy signature scheme for electronic commerce , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).