A Credential-Based System for the Anonymous Delegation of Rights

  • Liesje Demuynck
  • Bart De Decker
  • Wouter Joosen
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 232)


An anonymous delegation system enables individuals to retrieve rights and to delegate different subparts of these rights to different entities. The delegation procedure is anonymous, such that no collusion of entities can track an individual’s delegation behavior. On the other hand, it is ensured that a user cannot abuse her delegation capabilities. This paper introduces a general delegation model and presents an implementation. Our implementation is based on credential systems and provides both anonymity for the individual and security for the organizations.


Security Requirement Service Access Validity Period Credential System Delegation System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Michael Backes, Jan Camenisch, and Dieter Sommer. Anonymous yet accountable access control. In WPES, pages 40–46, 2005.Google Scholar
  2. 2.
    S. A. Brands. Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press, Cambridge, MA, USA, 2000.Google Scholar
  3. 3.
    Stefan Brands, Liesje Demuynck, and Bart De Decker. A practical system for globally revoking the unlinkable pseudonyms of unknown users. Technical Report CW472, Katholieke Universiteit Leuven, 2006.Google Scholar
  4. 4.
    J. Camenisch and A. Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In EUROCRYPT, pages 93–118, 2001.Google Scholar
  5. 5.
    Jan Camenisch and Victor Shoup. Practical verifiable encryption and decryption of discrete logarithms. In CRYPTO, pages 126–144, 2003.Google Scholar
  6. 6.
    Jan Camenisch, Dieter Sommer, and Roger Zimmermann, a general certification framework with applications to privacy-enhancing certificate infrastructures. Tech. Rep. RZ 3629, IBM Zurich Research Laboratory, July 2005.Google Scholar
  7. 7.
    Ivan Damgård and Eiichiro Fujisaki. A statistically-hiding integer commitment scheme based on groups with hidden order. In ASIACRYPT, pages 125–142, 2002.Google Scholar
  8. 8.
    Liesje Demuynck and Bart De Decker. Credential-based systems for the anonymous delegation of rights. Technical Report CW468, K.U. Leuven, 2006.Google Scholar
  9. 9.
    Liesje Demuynck and Bart De Decker. How to prove list membership in logarithmic time. Technical Report CW470, Katholieke Universiteit Leuven, 2006.Google Scholar
  10. 10. Anna Lysyanskaya, Ronald L. Rivest, Amit Sahai, and Stefan Wolf. Pseudonym systems. In Selected Areas in Cryptography, pages 184–199, 1999.Google Scholar
  11. 11.
    Torben P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In CRYPTO, pages 129–140, 1991.Google Scholar
  12. 12.
    Sven Wohlgemuth and Günter Müller. Privacy with delegation of rights by identity management. In Günter Müller, editor, ETRICS, volume 3995 of Lecture Notes in Computer Science, pages 175–190. Springer, 2006.Google Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Liesje Demuynck
    • 1
  • Bart De Decker
    • 1
  • Wouter Joosen
    • 1
  1. 1.Department of Computer ScienceKatholieke Universiteit LeuvenHeverleeBelgium

Personalised recommendations