U-Prove Designated-Verifier Accumulator Revocation Extension

MSR-TR-2013-87 |

This document extends the U-Prove Cryptographic Specification [UPCS] by specifying an efficient revocation mechanism based on a dynamic accumulator. This scheme requires a designated verifier that shares the Revocation Authority’s private key. Unlike many accumulator schemes based on bilinear pairings, this scheme is built using a prime-order group (like the ones defined in [UPCS]) and is therefore suitable for system that require standard constructions.

This document is a draft and subject to change. This document was updated on 02/26/2014.