Anonymous tokens – implementation and development

Anonymous tokens can be used to provide one-time authentication for a service without revealing one’s identity, and has been used as a CAPTCHA replacement and to provide additional anonymity in the Norwegian COVID-19 contact tracing app, and more. We demonstrate the practicality of implementing anonymous tokens with public metadata. Further, the protocols are extended to include hidden public metadata, and improved batch verification across different metadata. An attack on previously suggested batch verification is also demonstrated. We envision further applications, for instance for services where the identity of some data submitting operative is more sensitive than the data it submits.