Efficient and Traceable Anonymous Credentials on Smart Cards

Anonymous credential (AC) systems allow users, obtaining a credential on a set of attributes, to anonymously prove ownership of the credential and then to selectively disclose a subset of attributes without leaking any other attributes. Recently, a new type of AC, called keyed-verification anonymous credential (KVAC), has been proposed, which indicates that the credential issuer is also the verifier. Conceptually, the KVAC system is suitable for being used as employee cards, library access cards or eIDs (electronic ID cards). However, since the limited process power of smart cards, most of the existing KVAC systems are hard to be implemented on them. In addition, none of the existing KVAC systems provide traceability to obtain the user’s identity if anyone tries to misbehave with KVAC. In this paper, we present the first efficient and traceable KVAC system designated for smart cards. Our scheme provides the following security properties: unforgeability, anonymity, traceability and unlinkability. To demonstrate the efficiency and feasibility, we present an implementation of our scheme on standard Multos smart cards. The implementation results show that our scheme is efficient enough for practical use.