Expand description
Implements Keyed-Verification Anonymous Credentials (KVAC) schemes from the following papers. KVACs are supposed to be verified by the issuer only (or anyone who shares the issuer’s key)
- Improved Algebraic MACs and Practical Keyed-Verification Anonymous Credentials is implemented here
- Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards is specified here but is pending implementation.
Both implementations support additional verification methods that allow joint verification of proof of possession of credentials where one of the verifier is the issuer who knows the secret key and another verifier does not know secret key but learns the revealed attributes which are not shared with the issuer. This lets us build for a use-case where issuer wants to allow anytime its issued credential is used (eg. to get paid by the verifier) while still not harming the user’s privacy as it doesn’t learn any revealed attributes.
Modules§
- Implements KVAC from Improved Algebraic MACs and Practical Keyed-Verification Anonymous Credentials An alternate implementation of proof of knowledge of MAC is added which is adapted from the protocol to prove knowledge of BBS+ signatures described in section 4.5 of the paper Anonymous Attestation Using the Strong Diffie Hellman Assumption Revisited
- Implements KVAC from Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards