SEARCH

SEARCH BY CITATION

Keywords:

  • privacy;
  • digital credentials;
  • anonymous credentials;
  • credential transfer;
  • commitment schemes

Abstract

In credential systems, which allow the construction of privacy-preserving access control infrastructures in online environments, credential transfer occurs when Alice gives her private key to another entity who can then freely use Alice's credential as if it was his/her own. Prior approaches to limit credential transfer require tamper-resistant user hardware, or are ineffective against closely knit groups of users who are willing to share personal or valuable information with each other. In this paper we propose a scheme to achieve non-transferability for any malicious, but computationally bounded, legitimate credential owner. Copyright © 2009 John Wiley & Sons, Ltd.