GIT-CERCS-07-10
David Bauer, Douglas Blough, David Cash,
Minimum Information Disclosure with Efficiently Verifiable Credentials
Public-key based certificates provide a standard way to prove
one's identity, as certified by some certificate authority (CA).
However, standard certificates provide a binary identification:
either the whole identity of the subject is known, or nothing is
known. We propose using a Merkle hash tree structure, whereby
it is possible for a single certificate to certify many separate claims
or attributes, each of which may be proved independently, without
revealing the others. Additionally, we demonstrate how trees from
multiple sources can be combined by slightly modifying the tree
structure. This allows claims by different authorities, such
as an employer or professional organization, to be combined
under a single certificate, without the CA needing to know (let
alone verify) all of the claims. In addition to describing the hash
tree structure and protocols for constructing and verifying our
proposed credential, we formally prove that it provides
unforgeability and privacy, and we present initial performance
results demonstrating its efficiency.
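
The selective-disclosure idea described in the abstract, as an added Python sketch that is not the report's own construction or code: one root commits to every claim, and a holder proves a single claim by revealing only that claim, its salt, and the sibling hashes on its path. Assumptions made here: SHA-256, a random per-claim salt, random padding leaves, and a verifier that has already checked the CA's signature over the root (signing is omitted).

```python
import hashlib
import os

def H(*parts):
    # Length-prefix each part so concatenations are unambiguous.
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def leaf_hash(claim, salt):
    # Assumption: a random salt blinds each claim so an undisclosed,
    # guessable value cannot be brute-forced from its hash.
    return H(b"leaf", salt, claim.encode())

def issue(claims):
    """Return (root, salts, levels); the root is what the CA would sign."""
    salts = [os.urandom(16) for _ in claims]
    leaves = [leaf_hash(c, s) for c, s in zip(claims, salts)]
    while len(leaves) < 2 or len(leaves) & (len(leaves) - 1):
        leaves.append(os.urandom(32))  # random padding up to a power of two
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels[-1][0], salts, levels

def prove(index, levels):
    """Sibling hashes from leaf to root for the claim at `index`."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path

def verify(root, claim, salt, index, path):
    """Recompute the root from one disclosed claim and its sibling path."""
    node = leaf_hash(claim, salt)
    for sibling in path:
        node = H(b"node", sibling, node) if index & 1 else H(b"node", node, sibling)
        index >>= 1
    return index == 0 and node == root

# Constructed sample claims, not taken from the report.
CLAIMS = ["name=Alice Example", "employer=Example Corp", "age_over_21=true"]

if __name__ == "__main__":
    root, salts, levels = issue(CLAIMS)
    proof = prove(2, levels)
    print(verify(root, CLAIMS[2], salts[2], 2, proof))
```

The proof for one claim contains only hashes of the other leaves, so its size grows with the logarithm of the number of claims rather than with the claims themselves.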