Privacy-Preserving Post-Quantum Credentials for Digital Payments
Digital payments and decentralized systems enable the creation of new financial products and services for users. One core challenge in digital payments is the need to protect users from fraud and abuse while retaining privacy in individual transactions. We propose a pseudonymous credential scheme for use in payment systems to tackle this problem. The scheme is privacy-preserving, efficient enough for practical applications, and hardened against quantum computing attacks. We present a constant-round, interactive, zero-knowledge proof of knowledge (ZKPOK) that relies on a one-way function and an asymmetric encryption primitive—both of which need to support at most one homomorphic addition. The scheme is implemented with SWIFFT as the post-quantum one-way function and ring learning with errors (RLWE) as the post-quantum asymmetric encryption primitive, with the protocol deriving its quantum-hardness from the properties of these underlying primitives. We evaluate the performance of the ZKPOK instantiated with the chosen primitives and find that a memory footprint of 85 KB is needed to achieve 200 bits of security. Comparison reveals that our scheme is more efficient than equivalent, state-of-the-art post-quantum schemes. A practical and interactive credential mechanism is constructed from the proposed building blocks, in which users are issued pseudonymous credentials against their personally identifiable information; these credentials can then be used to register with financial service providers without revealing personal information. The protocol is shown to be secure and free of information leakage, preserving the user’s privacy regardless of the number of registrations.