2017
DOI: 10.1016/j.cose.2016.11.018
|View full text |Cite
|
Sign up to set email alerts
|

Fast revocation of attribute-based credentials for both users and verifiers

Abstract: Abstract. Attribute-based credentials allow a user to prove properties about herself anonymously. Revoking such credentials, which requires singling them out, is hard because it is at odds with anonymity. All revocation schemes proposed to date either sacrifice anonymity altogether, require the parties to be online, or put high load on the user or the verifier. As a result, these schemes are either too complicated for low-powered devices like smart cards or they do not scale. We propose a new revocation scheme… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

1
16
0

Year Published

2017
2017
2021
2021

Publication Types

Select...
3
2
1

Relationship

1
5

Authors

Journals

citations
Cited by 15 publications
(17 citation statements)
references
References 29 publications
1
16
0
Order By: Relevance
“…The scheme by Lueks et al [24] constrains the usage of revocation tokens to a specific time epoch and verifier. Revocation checks are performed with epoch specific revocation lists downloaded from a semi-trusted party.…”
Section: Related Workmentioning
confidence: 99%
“…The scheme by Lueks et al [24] constrains the usage of revocation tokens to a specific time epoch and verifier. Revocation checks are performed with epoch specific revocation lists downloaded from a semi-trusted party.…”
Section: Related Workmentioning
confidence: 99%
“…The size of the revocation token per user is also linear with the total number of pseudonyms, which makes it challenging to use short epochs. On the other hand, unlike [55,56], SRBE does not require centralized computations for revocation management and unlike [46], SRBE supports backward unlinkability and constant sized revocation tokens.…”
Section: Revocation In Group Signaturesmentioning
confidence: 99%
“…Expensive revocation check has been a major performance bottleneck for anonymous credential schemes as well. In [55,56], authors proposed an efficient VLR mechanism for anonymous credential systems supporting backward unlinkability. To generate and distribute the revocation list for an epoch, it requires O(R) exponentiation operations of large numbers (expensive) at the revocation authority's end.…”
Section: Revocation In Group Signaturesmentioning
confidence: 99%
“…The revocation scheme [17] for IRMA authentication that has been proposed by the IRMA design team avoids identifiers in revocation that would enable linking the revocation checks to a single user. This scheme involves a semi-trusted party in the system, a Revocation Authority (RA) that is responsible for revoking the credentials.…”
Section: Revocation Of Credentials In Irmamentioning
confidence: 99%
“…In the existing IRMA-revocation scheme [17] the time is split into epochs (time intervals) and the RA chooses a generator for each epoch and each verifier. When a credential is revoked the RA makes a global revocation list RL that consists of revocation tokens R i1..n that are computed from the generators and the individual revocation values of the credential holders.…”
Section: Revocation Of Credentials In Irmamentioning
confidence: 99%