Publicly Auditable Privacy Revocation in Practice

Abstract: PAPR Credentials is the name of a not yet published credential scheme that provides conditional privacy for its users. This means that an administrator can choose to revoke a user's anonymity. Doing so, however, the administrator must broadcast her intention, as the success of the privacy revocation depends on the help of other users, since the administrator does not have access to sufficient information to do it alone. In this thesis, we provide a PAPR Credentials implementation that we use to examine system characteristics. We focus on how different system parameters impact three properties: the computational load for an arbitrary user, revocation delay, and when revocations begin to fail due to the number of previous revocations. On top of PAPR, we construct an example application called PAPR Money, in which the users can transfer bitcoin to one another pseudonymously. In case of suspected money laundering or terrorist financing, the underlying PAPR Credentials scheme facilitates the ability to revoke anonymity. We have also produced the first implementations of Schoenmakers' Publicly Verifiable Secret Sharing scheme (PVSS) in Python that we are aware of. Schoenmakers' PVSS is a crucial component of PAPR Credentials. Our results show how the computational load changes with different sets of system parameters and how the system parameters are key to determining both revocation delay and revocation failure.