Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers
This addresses the need for confidential, authentic, and available credentials in distributed ledgers, enabling applications like anonymous payments and censorship resistance, though it builds incrementally on existing credential schemes.
The paper tackles the problem of secure and private credential issuance in distributed systems by introducing Coconut, a selective disclosure credential scheme that supports threshold issuance and integrates with blockchains. The result is a system with short, efficient credentials, where cryptographic operations take just a few milliseconds on average, with verification at 10 milliseconds.
Coconut is a novel selective disclosure credential scheme supporting distributed threshold issuance, public and private attributes, re-randomization, and multiple unlinkable selective attribute revelations. Coconut integrates with blockchains to ensure confidentiality, authenticity and availability even when a subset of credential issuing authorities are malicious or offline. We implement and evaluate a generic Coconut smart contract library for Chainspace and Ethereum; and present three applications related to anonymous payments, electronic petitions, and distribution of proxies for censorship resistance. Coconut uses short and computationally efficient credentials, and our evaluation shows that most Coconut cryptographic primitives take just a few milliseconds on average, with verification taking the longest time (10 milliseconds).