Anonymous Credentialing Systems

One way to understand digital credentials is to think of their paper-based counterparts. Consider a passport, driver’s license, membership card, or some other ticket for a service. Digital credentials prove authorization, qualification, competence, or a clearance level that has been conferred upon an individual. They also indicate something about their owner. Anonymous digital credentials typically include some element of encryption, but still serve the purpose of proving something about the people who hold them. This article takes a closer look at anonymous credentialing systems.

What is a credentialing system?

A credentialing system is one in which users are able to obtain credentials from organizations and demonstrate possession of these credentials. These systems are anonymous when transactions carried out by the same user cannot be linked. Anonymous credential systems are important, as they offer the best means of providing privacy for users.

Basic credential systems have three types of players:

1)                          Users – entities that receive credentials. The set of users in a system may grow over time.

2)                          Organizations – entities that grant and verify the credentials of the users. Each organization grants a specific type of credential to its users. This player is also known as the “issuer.”

3)                          Verifiers – entities that verify credentials of the users.

Variations of a credential system allow a single organization to issue its users different types of credentials. Basic credential systems are made up of protocols for a user to join the system, register with an organization, obtain multi-show credentials and show such credentials.

How are credentials used?

Consider the classic “wine shop” use case, in which the user is the customer, the verifier is the wine merchant and the organization is the government. The user engages in an issue protocol with the organization, in order to obtain a valid credential based on a certain set of attributes. The credential is valid under the organization’s public key (PK), of which only the organization knows the corresponding secret key (SK).

Basically, the issue protocol is a two-round interaction in which the user submits a request containing his/her attributes and the organization certifies the fact that the user has the claimed attributes by returning the credential.

In general terms, the credentials can be generated through a multi-round interaction. The user convinces a verifier that he/she has a certain set of attributes by engaging in a show protocol. This can be either a simple, two-round protocol, or a more complex, multi-round interaction.

What is an anonymous credential?

A straightforward way for the user to convince a verifier of her list of attributes would be to transmit his/her credential to the verifier. However, this approach is problematic, as it forces the user to reveal all of his/her attributes so that the verifier can check the signature. Also, the verifier can then reuse the credential to impersonate the user, with respect to other verifiers.

By contrast, anonymous credentials can be imagined as a digital signature by the organization on a list of attribute-value pairs. Anonymous credentials make it so that the user doesn’t have to transmit the credential itself, rather he/she uses it to convince the verifier that his/her attributes satisfy certain properties. In this case, no additional information about the credential, other than the shown properties, is leaked.

Anonymous credentials ensure that the verifier does not reuse the credential for impersonation. Another advantage is that anonymous credentials allow users to reveal selected subsets of their attributes. Ultimately, anonymous credential systems enable users to authenticate themselves in a manner that protects their privacy.


Credential systems enable users to obtain credentials from organizations and demonstrate possession of these credentials. There are three types of players in a basic credential system: users, organizations and verifiers. Such systems are made up of protocols for a user to join the system, register with an organization, obtain multi-show credentials and show such credentials. Anonymous credential systems allow users to authenticate themselves while still protecting their privacy. This article takes a look at the advantages and disadvantages of credential systems and anonymous credential systems.

CIPP Exam Preparation

In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam, a privacy professional should be comfortable with topics related to this post, including:

  • Applications of anonymity tools – credentialing (III.E.c.iii.4.)

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>