Google Git
Sign in
android / platform / external / anonymous-counting-tokens / refs/heads/main
commit38af3dd2e1ccf5b0bcbce592e6de9ba191056375[log] [tgz]
authorCole Faust <[email protected]>Mon Mar 10 11:34:28 2025 -0700
committerCole Faust <[email protected]>Mon Mar 10 12:10:43 2025 -0700
treeac35b1442c3cec3098d49447dbe480e008f55409
parent8a1bc2e67b1625836e3d251e25816ddef25b75ae [diff]
Use canonical ABSL

The forked version of absl causes problems when updating protobuf, as
protobuf now links against the canonical version of absl.

Bug: 329747255
Test: Presubmits
Change-Id: I915f935a24f60f7c2bd5bd79582f5eb25676988e
2 files changed
tree: ac35b1442c3cec3098d49447dbe480e008f55409
  1. act/
  2. .bazelrc
  3. .gitignore
  4. Android.bp
  5. CONTRIBUTING.md
  6. LICENSE
  7. METADATA
  8. MODULE_LICENSE_APACHE2
  9. OWNERS
  10. README.md
  11. TEST_MAPPING
  12. WORKSPACE
README.md

An Implementation of Anonymous Counting Tokens.

An anonymous counting token (ACT) scheme allows Clients to obtain blind signatures or MACs (aka tokens) on messages of their choice, while at the same time enabling Issuers to enforce rate limits on the number of tokens that a client can obtain for each message. Specifically,

  • Blind issuance: The Issuer doesn't see the message for which a token is being requested
  • Unlinkability: When the Client redeems a token, the token cannot be linked to the issuance phase
  • Throttled issuance on identical messages: The Issuer can detect if a particular Client is requesting a token for a previously used message.

This repository implements a variant of the scheme described in [1], which is secure in the random oracle model under the q-DDHI assumption (in a cyclic group) and the DCR assumption. The variant implemented here relaxes the proven soundness guarantee to the non-concurrent setting. It also assumes that the server generates its parameters correctly. Future versions will support server proofs for correct parameter generation.

This implementation also supports batched token issuance. Batched token issuance can have significant performance benefits as compared to individual token issuance.

[1] “Anonymous Counting Tokens.” Fabrice Benhamouda, Mariana Raykova, Karn Seth.

Building/Running Tests

This repository requires Bazel. You can install Bazel by following the instructions for your platform on the Bazel website.

Once you have installed Bazel you can clone this repository and run all tests that are included by navigating into the root folder and running:

bazel test //...

Disclaimer

This is not an officially supported Google product. The code is provided as-is, with no guarantees of correctness or security.