Anonymous Attribute Certificates based on Traceable Signatures

V. Benjumea, J. Lopez, and J. M. Troya.

Abstract

Anonymous attribute certificates were introduced by Benjumea et. al in PKC'04 in order to integrate anonymity capabilities in the standardized X.509 attribute certificates. That solution was based on the use of fair-blind signatures, but did not explore further possibilities of constructing similar data structures based on more advanced signature schemes. In this paper, we propose a new type of anonymous attribute certificates that is based on the recently proposed traceable signature scheme by Kiayias et al. in Eurocrypt'04, providing a new anonymous authorization solution with interesting features that were not covered with the aforementioned solution. Thus, this new solution allows users to make use of their attribute certificates in an anonymous way, but under certain circumstances it allows to disclose the users' identities, trace the transactions carried out by any specific user, or revoke any anonymous attribute certificate. An additional contribution of this work is that it pays special attention to the preservation of the unlinkability property between transactions, making impossible the creation of anonymous user profiles.

Keywords: authorization, privilege, anonymity, credential