Research

Anonymous Verifiable Credentials Eliminate Tracking While Preserving Digital Identity Verification

Anonymous Verifiable Credentials combine unlinkable authentication and verifiable credentials, using service-specific pseudonyms for private identity.
September 19, 20253 min

The image displays a close-up of a sleek, translucent blue object with a prominent brushed metallic band. A small, circular, luminous blue button or indicator is embedded in the center of the metallic band
A metallic Bitcoin coin with intricate circuit patterns sits centrally on a complex array of silver-toned technological components and wiring. The surrounding environment consists of dense, blue-tinted machinery, suggesting a sophisticated computational system designed for high-performance operations

Briefing

Traditional digital identity systems, including Verifiable Credentials (VCs) with Decentralized Identifiers (DIDs), enable pervasive digital surveillance and cross-service user tracking due to persistent personal identifiers. The Anonymous Verifiable Credentials (AVC) framework proposes a novel mechanism that combines VCs with User-issued Unlinkable Single Sign-On (U2SSO), binding credentials to service-specific pseudonyms. This new theory fundamentally redefines privacy in digital identity, offering a path towards surveillance-resistant digital interactions that empower users with control over their data while meeting stringent institutional verification requirements.

A translucent blue, rectangular device with rounded edges is positioned diagonally on a smooth, dark grey surface. The device features a prominent raised rectangular section on its left side and a small black knob with a white top on its right

Context

While Verifiable Credentials (VCs) offered selective disclosure and user control, their reliance on persistent personal identifiers (PIDs), often Decentralized Identifiers (DIDs), created a fundamental privacy vulnerability. This allowed service providers, or even colluding entities, to link user interactions across multiple services, undermining the very privacy benefits VCs aimed to provide and leading to comprehensive behavioral profiling.

A sophisticated, multi-component device showcases transparent blue panels revealing complex internal mechanisms and a prominent silver control button. The modular design features stacked elements, suggesting specialized functionality and robust construction

Analysis

The Anonymous Verifiable Credentials (AVC) framework constitutes a novel integration of existing mechanisms → Verifiable Credentials (VCs) and User-issued Unlinkable Single Sign-On (U2SSO). Users establish a master identity with an Identity Registry. For each service interaction, a unique, service-specific pseudonym is cryptographically derived from this master identity. Verifiable Credentials are then bound to these pseudonyms.

When a user presents a credential, they also provide a zero-knowledge proof of legitimate membership in an anonymity set, without revealing their specific master identity. Previous VC systems bound credentials to persistent identifiers, which enabled cross-service tracking. AVC’s core distinction lies in binding credentials to ephemeral, service-specific pseudonyms, ensuring unlinkability across different service providers, even in scenarios of collusion.

A detailed close-up reveals a complex, futuristic mechanical assembly composed of brushed metallic segments. Integrated within this structure is a vibrant blue, translucent substance, flowing and covered with a layer of delicate white foam or bubbles

Parameters

  • Core Concept → Anonymous Verifiable Credentials (AVC) Framework
  • New System/Protocol → Anonymous Verifiable Credentials (AVC)
  • Key Authors → Cirkovic Marko, Barbaraci Mariarosaria, Alupotha Jayamine, Cachin Christian
  • Related Protocol → User-issued Unlinkable Single Sign-On (U2SSO)
  • Implementation Context → Swiss Electronic Provisional Driving License Program (eLFA)

A luminous, multi-faceted crystal extends from a detailed, segmented blue and white structure, hinting at advanced technological integration. This imagery evokes the core components of decentralized finance and secure digital asset management

Outlook

The AVC framework, demonstrated in the Swiss eLFA program, paves the way for widespread adoption of privacy-preserving digital identity across various sectors. In 3-5 years, this could unlock truly private online interactions for finance, healthcare, and government services, where individuals can prove necessary attributes without fear of persistent tracking or profiling. It opens avenues for further research into optimizing the computational efficiency of pseudonym derivation and proof generation for resource-constrained devices, as well as exploring its integration with other privacy-enhancing technologies.

A translucent blue device with a smooth, rounded form factor is depicted against a light grey background. Two clear, rounded protrusions, possibly interactive buttons, and a dark rectangular insert are visible on its surface

Verdict

This research fundamentally redefines the balance between digital identity verification and user privacy, establishing a new paradigm for surveillance-resistant decentralized identity systems.

Signal Acquired from → unibe.ch

Micro Crypto News Feeds

decentralized identifiers

Definition ∞ Decentralized Identifiers, or DIDs, are a new type of identifier that enables verifiable, decentralized digital identity.

verifiable credentials

Definition ∞ Verifiable Credentials are digital, tamper-evident attestations of qualifications, identity attributes, or other claims that can be cryptographically verified by a third party.

framework

Definition ∞ A framework provides a foundational structure or system that can be adapted or extended for specific purposes.

service providers

Definition ∞ Service providers are entities that offer specialized services to individuals or other businesses.

digital identity

Definition ∞ Digital identity refers to the unique set of attributes and credentials that represent an individual or entity in the digital realm.

decentralized identity

Definition ∞ Decentralized identity is a digital identity system where individuals control their own identity data without relying on a central provider.

Tags:

Tags: