Abstract
The increasing user awareness and regulatory framework (e.g., GDPR, eIDAS2) have contributed to considering data minimization and privacy-by-design as central guiding principles for new systems. Among others, this has led to a paradigm shift towards Self-Sovereign Identity solutions to put the user in full control over their data. Despite the promising landscape, privacy-preserving Attribute-Based Credentials (p-ABC) have not been widely adopted, mainly due to the lack of secure, flexible and efficient implementations that cover the basic and advanced needs in p-ABC systems. In this work, we tackle this gap by developing an improved zero-knowledge showing protocol of a distributed p-ABC scheme based on Pointcheval-Sanders Multi-Signatures to allow for modular extensions through commit-and-prove techniques. We use it to implement a flexible p-ABC system with decentralized issuance that, apart from the basic notions of p-ABCs, covers range proofs, pseudonyms, inspection and revocation. Lastly, we thoroughly evaluate the performance of the system under different testbed conditions, showing a significant efficiency improvement over previous implementations.
Original language | English |
---|---|
Article number | 110498 |
Number of pages | 18 |
Journal | Computer Networks |
Volume | 248 |
Issue number | C |
DOIs | |
Publication status | Published - Jun 2024 |
Research Field
- Cyber Security
Keywords
- Privacy
- Attribute-Based-Credentials
- Zero-Knowledge