Paper 2015/725

The self-blindable U-Prove scheme from FC'14 is forgeable

Eric Verheul, Sietse Ringers, and Jaap-Henk Hoepman

Abstract

Recently an unlinkable version of the U-Prove attribute-based credential scheme was proposed at Financial Crypto '14. Unfortunately, the new scheme is forgeable: if sufficiently many users work together then they can construct new credentials, containing any set of attributes of their choice, without any involvement of the issuer. In this note we show how they can achieve this and we point out the error in the unforgeability proof.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Financial Cryptography 2016
Keywords
anonymous credentialsattribute-based credentials
Contact author(s)
s ringers @ rug nl
History
2016-02-10: last of 2 revisions
2015-07-21: received
See all versions
Short URL
https://ia.cr/2015/725
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/725,
      author = {Eric Verheul and Sietse Ringers and Jaap-Henk Hoepman},
      title = {The self-blindable U-Prove scheme from FC'14 is forgeable},
      howpublished = {Cryptology ePrint Archive, Paper 2015/725},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/725}},
      url = {https://eprint.iacr.org/2015/725}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.