PERCE: A Permissioned Redactable Credentials Scheme for a Period of Membership

Abstract

The anonymous credential has broad-ranging applications, for example for the pay-as-you-go strategy in the electronic subscription. However, the ‘plain vanilla’ pay-as-you-go strategy may not be suitable for non-regular users since the latter group is likely to require a tighter identity supervision mechanism. We also note that a key building block in the construction of an anonymous credential system is identity supervision. Since identity supervision is more than revocation, the approach to regulating user behavior needs to be both reasonable and practical. In a situation where the user is allowed to control their own identities, the latter approach could be more flexible compared to the revocation. There are existing works about the limitation on the k-times or epochs. However, due to the weaknesses of these single limitations, the combination of the customized k-times and epochs is necessary and remains to be done. In this paper, we present a permissioned redactable credentials scheme, which allows fine-grained supervision, user control, and user redaction. In our approach, we choose times and epochs as the regulation dimensions, which limits users invoke the credential show method for customized times in each epoch determined by the certificate authority. The users could also redact their credentials to realize selective disclosure. We then evaluate the proposed scheme’s performance and present a comparative summary to demonstrate potential utility.