Privacy-Preserving Credentials for Self-Sovereign Identity with BBS+ Signatures

This document describes a new class of credentials focused on privacy, called privacy-preserving or anonymous credentials, based on BBS+ signatures. The main features needed to be such are data minimization and unlinkability, which is the ability to be non-correlatable when presented. BBS+ signatures offer these properties because they are multi-message signatures that allow a credential holder to select which attributes to disclose when generating an unlinkable zero-knowledge proof of knowledge of the credential and its signature. Furthermore, the designed and developed system has also the capabilities to bind credentials to their holders and to revoke credentials, all in a private manner. These privacy-preserving credentials can be perfectly integrated into the Self-Sovereign Identity model and the W3C standard of Verifiable Credentials, which enable humans, organizations, and things to have complete control of their identity.