Paper 2024/2013
Crescent: Stronger Privacy for Existing Credentials
Abstract
We describe Crescent, a construction and implementation of privacy-preserving credentials. The system works by upgrading the privacy features of existing credentials, such as JSON Web Tokens (JWTs) and Mobile Driver’s License (mDL) and as such does not require a new party to issue credentials. By using zero-knowledge proofs of possession of these credentials, we can add privacy features such as selective disclosure and unlinkability, without help from credential issuers. The system has practical performance, offering fast proof generation and verification times (tens of milliseconds) after a once-per-credential setup phase. We give demos for two practical scenarios, proof of employment for benefits eligibility (based on an employer-issued JWT), and online age verification (based on an mDL). We provide an open-source implementation to enable further research and experimentation. This paper is an early draft describing our work, aiming to include enough material to describe the functionality, and some details of the internals of our new library, available at https://github.com/microsoft/crescent-credentials.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Preprint.
- Keywords
- PrivacyAnonymous Credentialszero-knowledge proofs
- Contact author(s)
-
cpaquin @ microsoft com
guruvamsi policharla @ gmail com
gregz @ microsoft com - History
- 2024-12-13: approved
- 2024-12-13: received
- See all versions
- Short URL
- https://ia.cr/2024/2013
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/2013,
author = {Christian Paquin and Guru-Vamsi Policharla and Greg Zaverucha},
title = {Crescent: Stronger Privacy for Existing Credentials},
howpublished = {Cryptology {ePrint} Archive, Paper 2024/2013},
year = {2024},
url = {https://eprint.iacr.org/2024/2013}
}
