Cryptic allows the implementation of digital certificates with advanced properties to protect privacy. Examples are provided with the library.
Cryptic is a free software library released under the GNU GPL v2 and above license. Cryptic is written in C language and relies on glib and openssl. The version 1.1.1 provides bindings for the Python and Java languages.
The stake is privacy. Cryptic helps in reducing the certified information disclosed to verifiers. The certificates have the following properties:
- Selective disclosure of content
- Proofs on certificate content
- Unlinkability between certificate issuing and showing transactions
- Tarball version 1.1.1 : cryptic-1.1.1.tar.gz
- Repository: firstname.lastname@example.org:cryptic.git
- Public key for tags signature
- The CL-Signature from the Camenisch and Lysyanskaya works
- The Schnorr zero-knowledge proof of knowledge protocol
- Range proofs on quantities
To go further...¶
The Cryptic library can be used to create certificates of different formats allowing the selective disclosure of content and to lead proofs of properties on signed attributes. The goal is a fine-grained information disclosure for off-line certificates. Such certificates can be used multiple times without re-issuing. When a certificate is issued on demand, it is trivial to make it includes only the needed information. However, when the certificate is already issued, it is useful to have means to select which signed information is revealed: for instance to only reveal that a user is of age and not her date of birth.
Furthermore, the CL-Signature implementation allows the unlinkability of certificate issuing and showing transactions. As a matter of fact, the unlinkability can be expected when a user shows multiple times a same certificate and also between the issuing and showing transactions of this certificate. It is a requirement to allow the unlinkability of the user transactions which is a strong property of anonymity and thus a privacy-preserving principle.
Finally, these tools can be used to implement e-cash and e-voting infrastructures.