{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T01:11:15Z","timestamp":1777338675175,"version":"3.51.4"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032018861","type":"print"},{"value":"9783032018878","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-01887-8_11","type":"book-chapter","created":{"date-parts":[[2025,8,16]],"date-time":"2025-08-16T19:17:14Z","timestamp":1755371834000},"page":"325-357","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Multi-Holder Anonymous Credentials from\u00a0BBS Signatures"],"prefix":"10.1007","author":[{"given":"Andrea","family":"Flamini","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eysa","family":"Lee","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anna","family":"Lysyanskaya","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,8,17]]},"reference":[{"key":"11_CR1","unstructured":"Mobile Driver\u2019s License (mDL) implementation guidelines, version 1.2. https:\/\/www.aamva.org\/topics\/mobile-driver-license, 01 2023"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Au, M.H., Susilo, W., Mu, Y.: Constant-size dynamic k-TAA. In: SCN 2006, volume 4116 of LNCS, pp. 111\u2013125 (2006)","DOI":"10.1007\/11832072_8"},{"issue":"2","key":"11_CR3","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s00145-007-9005-7","volume":"21","author":"D Boneh","year":"2008","unstructured":"Boneh, D., Boyen, X.: Short signatures without random oracles and the sdh assumption in bilinear groups. J. Cryptol. 21(2), 149\u2013177 (2008)","journal-title":"J. Cryptol."},{"key":"11_CR4","unstructured":"Baum, C., et al.: Cryptographers\u2019 feedback on the eu digital identity\u2019s ARF. https:\/\/github.com\/user-attachments\/files\/15904122\/cryptographers-feedback.pdf (2024)"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Annual International Cryptology Conference, pp. 41\u201355. Springer (2004)","DOI":"10.1007\/978-3-540-28628-8_3"},{"key":"11_CR6","unstructured":"Battagliola, M., Flamini, A.: Distributed fiat-shamir transform: from threshold identification protocols to signatures. Cryptology ePrint Archive (2024)"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Brickell, E., Li, J.: A pairing-based daa scheme further reducing tpm resources. In: International Conference on Trust and Trustworthy Computing, pp. 181\u2013195. Springer (2010)","DOI":"10.1007\/978-3-642-13869-0_12"},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Bacho, R., Loss, J., Tessaro, S., Wagner, B., Zhu, C.: Twinkle: threshold signatures from ddh with full adaptive security. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 429\u2013459. Springer (2024)","DOI":"10.1007\/978-3-031-58716-0_15"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Chen, M., Dey, P., Ganesh, C., Mukherjee, P., Sarkar, P., Sasmal, S.: Universally composable non-interactive zero-knowledge from sigma protocols via a new straight-line compiler. Cryptology ePrint Archive (2024)","DOI":"10.1007\/978-3-031-91820-9_13"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Drijvers, M., Lehmann, A.: Anonymous attestation using the strong diffie hellman assumption revisited. In: Trust and Trustworthy Computing: 9th International Conference, TRUST 2016, Vienna, Austria, 29\u201330 August 2016, Proceedings 9, pp. 1\u201320. Springer (2016)","DOI":"10.1007\/978-3-319-45572-3_1"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Cachin, C., Kursawe, K., Lysyanskaya, A., Strobl, R.: Asynchronous verifiable secret sharing and proactive cryptosystems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 88\u201397 (2002)","DOI":"10.1145\/586110.586124"},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Crites, E., Komlo, C., Maller, M.: Fully adaptive schnorr threshold signatures. In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology \u2013 CRYPTO 2023, pp. 678\u2013709, Springer, Cham (2023)","DOI":"10.1007\/978-3-031-38557-5_22"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Crites, E., Komlo, C., Maller, M.: Fully adaptive schnorr threshold signatures. Cryptology ePrint Archive (2023)","DOI":"10.1007\/978-3-031-38557-5_22"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Lysyanskaya, A.: An efficient system for nontransferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.), Advances in Cryptology - EUROCRYPT 2001, International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, 6\u201310 May 2001, Proceeding, vol. 2045, LNCS, pp. 93\u2013118. Springer (2001)","DOI":"10.1007\/3-540-44987-6_7"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Security in Communication Networks: Third International Conference, SCN 2002 Amalfi, Italy, 11\u201313 September 2002 Revised Papers 3, pp. 268\u2013289. Springer (2003)","DOI":"10.1007\/3-540-36413-7_20"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Annual International Cryptology Conference, pp. 56\u201372. Springer (2004)","DOI":"10.1007\/978-3-540-28628-8_4"},{"issue":"4","key":"11_CR17","doi-asserted-by":"publisher","first-page":"1157","DOI":"10.1007\/s00145-016-9245-5","volume":"30","author":"R Cohen","year":"2017","unstructured":"Cohen, R., Lindell, Y.: Fairness versus guaranteed output delivery in secure multiparty computation. J. Cryptol. 30(4), 1157\u20131186 (2017)","journal-title":"J. Cryptol."},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: Proceedings of the Tthiry-Fourth Annual ACM Symposium on Theory of Computing, pp. 494\u2013503 (2002)","DOI":"10.1145\/509907.509980"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"Jack Doerner, Yashvanth Kondi, Eysa Lee, abhi shelat, and LaKyah Tyner. Threshold bbs+ signatures for distributed anonymous credential issuance. In 2023 IEEE Symposium on Security and Privacy (SP), pages 773\u2013789. IEEE, 2023","DOI":"10.1109\/SP46215.2023.10179470"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Marc Fischlin. Communication-efficient non-interactive proofs of knowledge with online extractors. In Annual International Cryptology Conference, pages 152\u2013168. Springer, 2005","DOI":"10.1007\/11535218_10"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Andrea Flamini, Eysa Lee, and Anna Lysyanskaya. Multi-holder anonymous credentials from bbs signatures. Cryptology ePrint Archive, 2024","DOI":"10.1007\/978-3-032-01887-8_11"},{"key":"11_CR22","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2024.103789","volume":"83","author":"A Flamini","year":"2024","unstructured":"Flamini, A., Sciarretta, G., Scuro, M., Sharif, A., Tomasi, A., Ranise, S.: On cryptographic mechanisms for the selective disclosure of verifiable credentials. Journal of Information Security and Applications 83, 103789 (2024)","journal-title":"Journal of Information Security and Applications"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Steven\u00a0D Galbraith, Kenneth\u00a0G Paterson, and Nigel\u00a0P Smart. Pairings for cryptographers. Discrete Applied Mathematics, 156(16):3113\u20133121, 2008","DOI":"10.1016\/j.dam.2007.12.010"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Lucjan Hanzlik and Daniel Slamanig. With a little help from my friends: Constructing practical anonymous credentials. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 2004\u20132023, 2021","DOI":"10.1145\/3460120.3484582"},{"key":"11_CR25","unstructured":"Julia Hesse, Nitin Singh, and Alessandro Sorniotti. How to bind anonymous credentials to humans. In 32nd USENIX Security Symposium (USENIX Security 23), pages 3047\u20133064, Anaheim, CA, August 2023. USENIX Association"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Yuval Ishai, Rafail Ostrovsky, and Vassilis Zikas. Secure multi-party computation with identifiable abort. In Advances in Cryptology\u2013CRYPTO 2014: 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2014, Proceedings, Part II 34, pages 369\u2013386. Springer, 2014","DOI":"10.1007\/978-3-662-44381-1_21"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Jonathan Katz and Yehuda Lindell. Introduction to modern cryptography: principles and protocols. Chapman and hall\/CRC, 2007","DOI":"10.1201\/9781420010756"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Marcel Keller, Gert L\u00e6ss\u00f8e Mikkelsen, and Andy Rupp. Efficient threshold zero-knowledge with applications to user-centric protocols. In Information Theoretic Security: 6th International Conference, ICITS 2012, Montreal, QC, Canada, August 15-17, 2012. Proceedings 6, pages 147\u2013166. Springer, 2012","DOI":"10.1007\/978-3-642-32284-6_9"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Yashvanth Kondi and Abhi Shelat. Improved straight-line extraction in the random oracle model with applications to signature aggregation. In International Conference on the Theory and Application of Cryptology and Information Security, pages 279\u2013309. Springer, 2022","DOI":"10.1007\/978-3-031-22966-4_10"},{"issue":"07","key":"11_CR30","first-page":"2020","volume":"327\u2013355","author":"W Lueks","year":"2020","unstructured":"Lueks, W., Hampiholi, B., Alp\u00e1r, G., Troncoso, C.: Tandem: Securing keys by using a central server while preserving privacy. Proceedings on Privacy Enhancing Technologies 327\u2013355(07), 2020 (2020)","journal-title":"Proceedings on Privacy Enhancing Technologies"},{"key":"11_CR31","unstructured":"Tobias Looker, Vasilis Kalos, Andrew Whitehead, and Mike Lodder. The BBS Signature Scheme. Internet-Draft draft-irtf-cfrg-bbs-signatures-01, Internet Engineering Task Force, October 2022. Work in Progress"},{"key":"11_CR32","doi-asserted-by":"crossref","unstructured":"Anna Lysyanskaya and Leah\u00a0Namisa Rosenbloom. Universally composable $$\\sigma $$-protocols in the global random-oracle model. In Theory of Cryptography Conference, pages 203\u2013233. Springer, 2022","DOI":"10.1007\/978-3-031-22318-1_8"},{"key":"11_CR33","doi-asserted-by":"crossref","unstructured":"Jamal\u00a0H Mosakheil and Kan Yang. Silentproof: Anonymous authentication with blockchain-backed offloading. In Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pages 1361\u20131377, 2024","DOI":"10.1145\/3634737.3637635"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"Torben\u00a0Pryds Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Annual international cryptology conference, pages 129\u2013140. Springer, 1991","DOI":"10.1007\/3-540-46766-1_9"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"David Pointcheval and Olivier Sanders. Short randomizable signatures. In Topics in Cryptology-CT-RSA 2016: The Cryptographers\u2019 Track at the RSA Conference 2016, San Francisco, CA, USA, February 29-March 4, 2016, Proceedings, pages 111\u2013126. Springer, 2016","DOI":"10.1007\/978-3-319-29485-8_7"},{"issue":"11","key":"11_CR36","doi-asserted-by":"publisher","first-page":"612","DOI":"10.1145\/359168.359176","volume":"22","author":"A Shamir","year":"1979","unstructured":"Shamir, A.: How to share a secret. Communications of the Association for Computing Machinery 22(11), 612\u2013613 (1979)","journal-title":"Communications of the Association for Computing Machinery"},{"key":"11_CR37","doi-asserted-by":"crossref","unstructured":"Stefano Tessaro and Chenzhi Zhu. Revisiting bbs signatures. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 691\u2013721. Springer, 2023","DOI":"10.1007\/978-3-031-30589-4_24"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-01887-8_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T13:37:46Z","timestamp":1760621866000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-01887-8_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032018861","9783032018878"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-01887-8_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"17 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"45","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}