TY - CONF AB - We present CLARC (Cryptographic Library for Anonymous Reputation and Credentials), an anonymous credentials system (ACS) combined with an anonymous reputation system. Using CLARC, users can receive attribute-based credentials from issuers. They can efficiently prove that their credentials satisfy complex (access) policies in a privacy-preserving way. This implements anonymous access control with complex policies. Furthermore, CLARC is the first ACS that is combined with an anonymous reputation system where users can anonymously rate services. A user who gets access to a service via a credential, also anonymously receives a review token to rate the service. If a user creates more than a single rating, this can be detected by anyone, preventing users from spamming ratings to sway public opinion. To evaluate feasibility of our construction, we present an open-source prototype implementation. AU - Bemmann, Kai AU - Blömer, Johannes AU - Bobolz, Jan AU - Bröcher, Henrik AU - Diemert, Denis Pascal AU - Eidens, Fabian AU - Eilers, Lukas AU - Haltermann, Jan Frederik AU - Juhnke, Jakob AU - Otour, Burhan AU - Porzenheim, Laurens Alexander AU - Pukrop, Simon AU - Schilling, Erik AU - Schlichtig, Michael AU - Stienemeier, Marcel ID - 3265 SN - 978-1-4503-6448-5 T2 - Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES '18 TI - Fully-Featured Anonymous Credentials with Reputation System ER - TY - CONF AB - Group signatures, introduced by Chaum and van Heyst [15], are an important primitive in cryptography. In group signature schemes every group member can anonymously sign messages on behalf of the group. In case of disputes a dedicated opening manager is able to trace signatures - he can extract the identity of the producer of a given signature. A formal model for static group signatures schemes and their security is defined by Bellare, Micciancio, and Warinschi [4], the case of dynamic groups is considered by Bellare, Shi, and Zhang [5]. Both models define group signature schemes with a single opening manager. The main difference between these models is that the number of group members in static schemes is fixed, while in dynamic schemes group members can join the group over time. AU - Blömer, Johannes AU - Juhnke, Jakob AU - Löken, Nils ID - 253 T2 - Proceedings of the Sixth International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS) TI - Short Group Signatures with Distributed Traceability ER -