Anonymous credentials with practical revocation

The purpose of anonymous credentials is to bring more privacy to digital communication. By using anonymous credentials, users can anonymously prove the possession of personal attributes. The attributes can represent any personal information, including age, citizenship or birthplace. Unfortunately, existing credential schemes miss practical revocation features for revoking invalid, malicious or expired users. Although many revocation techniques were proposed in the literature during last decade, none of them is practical on off-line, computationally weak devices like smart-cards. This prevents anonymous credentials from being used as electronic IDs (eIDs). In this paper, we introduce the first anonymous credential scheme providing practical revocation features implementable on existing, commercially available smart-cards. Moreover, our scheme provides features for the de-anonymization of malicious users. Finally, the experimental results from our .NET and MULTOS smart-card implementation are presented.