SaTC: CORE: Small: Mercurial Signatures and Applications to Privacy-Preserving Authentication

SaTC：核心：小型：Mercurial 签名和隐私保护身份验证的应用

• 批准号: 2154170
• 负责人: Anna Lysyanskaya
• 金额: $ 49.99万
• 依托单位: Brown University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-01 至 2025-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2154170&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Mercurial; Signatures

Anonymous credentials allow individuals to prove that they have a set of credentials, issued by some trusted issuer, or a set of issuers, without revealing any other information. Thus, for example, using anonymous credentials, an access provider can make sure that only authorized individuals get to participate in transactions and gain access to various resources, without invading the individuals' privacy. In spite of decades of research, the existence of several implementations and some examples of adoption, practitioners have yet to adopt this technology en masse. One reason that practitioners are having a tough time wrapping their minds around anonymous credentials is that the underlying concepts are complex and have yet to enter the popular lexicon. Another issue is that traditional anonymous credentials do not in fact protect users' privacy as much as we want them to. Efficiency, bandwidth and other practical considerations play a role too. This work addresses these gaps by studying mercurial signatures. Conceptually, mercurial signatures are easier to explain to software engineers and decision makers than traditional anonymous credentials, because unlike the latter they do not require familiarity with cryptographic commitments and zero-knowledge proof systems. Instead, they build off intuition that, by now, many practitioners have from standard digital signatures when it comes to unforgeability, and probabilistic encryption when it comes to unlinkability. They immediately lend themselves to privacy-preserving certification chains and delegatable anonymous credentials. And their efficient realization translates to efficient privacy-preserving authentication with strong composition guarantees.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

匿名凭证允许个人证明自己有一套凭据，由一些受信任的发行人或一组发行人发行，而无需透露任何其他信息。 因此，例如，使用匿名凭证，访问提供商可以确保只有授权的个人才能参与交易并获得各种资源的访问，而无需侵犯个人的隐私。尽管有数十年的研究，但存在几种实施和一些采用例子，从业者尚未采用这项技术。从业人员艰难地将自己的思想围绕匿名证书而努力的原因之一是，基本概念很复杂，并且尚未进入流行的词典。另一个问题是，传统的匿名凭证实际上并没有像我们想要的那样保护用户的隐私。效率，带宽和其他实际考虑因素也起着作用。这项工作通过研究水泥签名来解决这些差距。从概念上讲，与传统的匿名凭证相比，Mercurial签名更容易向软件工程师和决策者解释，因为与后者不同，他们不需要熟悉加密承诺和零知识证明系统。取而代之的是，他们建立了直觉，到目前为止，许多从业者在不强制性的情况下从标准的数字签名中拥有的，并且在无界性方面的概率加密。他们立即借助保护隐私的认证链和可授权的匿名证书。他们的有效实现将具有强大组成保证的有效保存身份验证转化为有效的隐私身份验证。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛的影响评估标准通过评估来支持的。