Anonymous Credential Scheme Supporting Active Revocation

Abstract

With the rapid development of electronic commerce, digital credentials are used with increasing frequency. Today users employing digital credentials not only complete the identity authentication process and obtain service, but also attach importance to their anonymity with the concept of privacy protection that is being rapidly developed. For this reason, anonymous credential mechanisms are being increasingly studied. However, while anonymous credentials provide privacy protection for users, the question of how to manage the credentials is a problem for issuers and service providers. In recent years, many literatures have proposed that the revocation list is a challenge to effectively implement, while users and credential consumers receive the corresponding revocation list with massive computational costs. In this paper, we present an improved anonymous credential revocation mechanism in which we examine how users not only provide passive revocation management but must spend considerable time in computational terms. We distribute the permission of revocation to the issuer and the service provider. The revocation phase can be executed only if both issuer and service provider permit, so users are not afraid that the issuer or service provider will access their private information. In addition, the issuer and the service provider can also manage illegal users. Consequently, online service systems can be more widely used. Further, we add a mechanism of time-revocation, which sets a time limit on the revocability of the anonymous credentials. This capability enables the issuer to more effectively manage the revocation phase.