U-Prove

Overview

A U-Prove token is a type of credential similar to a PKI certificate that can encode attributes of any type, but with two important differences:

1) The issuance and presentation of a token is unlinkable due to the special type of public key and signature encoded in the token; the cryptographic “wrapping” of the attributes contain no correlation handles. This prevents unwanted tracking of users when they use their U-Prove tokens, even by colluding insiders.

2) Users can minimally disclose information about what attributes are encoded in a token in response to dynamic verifier policies. As an example, a user may choose to only disclose a subset of the encoded attributes, prove that her undisclosed name does not appear on a deny list, or prove that she is of age without disclosing her actual birthdate.

These user-centric aspects make the U-Prove technology ideally suited to creating the digital equivalent of paper-based credentials and the plastic ID cards in one’s wallet.

Microsoft has made available the foundational features of the technology by releasing the core U-Prove specifications under the Open Specification Promise. The core cryptographic scheme has been standardized in ISO/IEC 18370-2:2016 (opens in new tab) (Blind digital signatures — Part 2: Discrete logarithm based mechanisms).

News

Update to the cryptographic specification (opens in new tab) and technology overview (opens in new tab), and release of a new JSON framework (March 2023)
A new TypeScript Node reference implementation (opens in new tab) has been released (November 2022)
Revision 4 of the specification has been released, addressing a potential issue with parallel issuance of tokens in some settings. (November 2022)
We released a new paper describing the various revocation mechanisms available to developers, along with an update to the U-Prove extensions SDK (opens in new tab). (Sept 2014)
We released a JavaScript SDK (opens in new tab) implementing the U-Prove client-side protocol. (July 2014)
We released new U-Prove extensions for collaborative issuance (opens in new tab), bit decomposition (opens in new tab), designated-verifier accumulator revocation (opens in new tab), equality (opens in new tab), inequality (opens in new tab), set membership (opens in new tab), and range (opens in new tab) proofs, along with a SDK implementing them. A paper (opens in new tab) describing the new features is also available. (July 2014)
Revision 3 of the specification and the C# SDK have been released. The cryptographic protocols have been modified to support interoperability with the ABC4Trust (opens in new tab) architecture. (December 2013)
New Privacy vs. Accountability in Identity Systems (opens in new tab) paper, along with revocation (opens in new tab) and ID escrow (opens in new tab) extensions for U-Prove, released at the Trusted Computing Conference (September 11th 2013).
MSR researchers published a new efficient MAC-based credential scheme (opens in new tab) providing multi-show unlinkability (August 2013).
Revision 2 of the specification and the C# SDK have been released. This release features an optimized token issuance protocol, and an ability to present scope-exclusive pseudonyms and to generate cryptographic commitments from attribute values. (April 2013)
U-Prove presented at NIST’s Privacy-Enhancing Cryptography Workshop (opens in new tab) (December 9th 2011)
Kuppinger Cole awarded U-Prove with a Best Innovation award (opens in new tab) in the category of Outstanding projects and initiatives in Identity Management
The International Association of Privacy Professionals honored U-Prove with a Technology Innovation award
Fraunhofer Fokus was honored with the TeleTrusT Technology Innovation Award for their work with Microsoft on privacy-enhancing identity systems
Scott Charney featured the U-Prove HealthVault registration demo in his RSA 2011 Keynote

U-Prove

Overview

Links

News