Nos membres

• Blue Line
• Cliss XXI
• Code Lutin
• Easter-eggs
• Eledo
• Entr'ouvert
• labor-liber
• Les Développements Durables
• LibrenBerry
• Libricks
• Néreide
• Open Via
• SILECS
• Syloé
• Ticket-Libre

Entr'ouvert

eGovernment and digital identity

• Home
• Contact
• FAQ
• Clients

• eGovernment
  • Au quotidien
  • w.c.s.
• Identity management
  • Liberty Alliance
  • Lasso
  • Identity Provider
  • Reverse-Proxy
  • Projects
  • Demonstration
  • License and support
• Research and development
  • Projects
  • Events
  • Works
  • Cryptic

Cryptic

Cryptic is a free software library released under the GNU GPL v2 and above license. Cryptic allows the implementation of digital certificates with advanced properties. Cryptic is written in C language and relies on glib and openssl. The version 1.0 provides a binding for the Python language. Examples are provided with the library as a basic documentation.

Outline

The stake is privacy. Cryptic helps in reducing the certified information disclosed to verifiers. The certificates have the following properties:

• Selective disclosure of content.
• Proofs on certificate content.
• Unlinkability between certificate issuing and showing transactions.

Download

• Tarball version 1.0 : cryptic-1.0.0.tar.gz
• Repository: svn://labs.libre-entreprise.org/svnroot/cryptic/

Lists

• Development: cryptic-devel (archive)
• Subversion commits: cryptic-commits (archive)

Functionnalities

The library currently implements:

• The CL-Signature from the Camenisch and Lysyanskaya works.
• The Schnorr zero-knowledge proof of knowledge protocol.
• Range proofs on quantities.

The version 1.1 will include a binding for Java, a real documentation and unit tests.

To go further...

The Cryptic library can be used to create certificates of different formats allowing the selective disclosure of content and to lead proofs of properties on signed attributes. The goal is a fine-grained information disclosure for off-line certificates. Such certificates can be used multiple times without re-issuing. When a certificate is issued on demand, it is trivial to make it includes only the needed information. However, when the certificate is already issued, it is useful to have means to select which signed information is revealed: for instance to only reveal that a user is of age and not her date of birth.

Furthermore, the CL-Signature implementation allows the unlinkability of certificate issuing and showing transactions. As a matter of fact, the unlinkability can be expected when a user shows multiple times a same certificate and also between the issuing and showing transactions of this certificate. It is a requirement to allow the unlinkability of the user transactions which is a strong property of anonymity and thus a privacy-preserving principle.

Finally, these tools can be used to implement e-cash and e-voting infrastructures.

Copyright © 2004-2010 Entr'ouvert.