AI Summary
This work addresses the tension between privacy preservation and flexible credential revocation in European Digital Identity Wallets by proposing and implementing an end-to-end generic credential revocation system. Built upon a centralized revocation server and secure communication channels, the system enables immediate revocation while safeguarding user privacy. Its core contribution lies in providing the first formal security proof for a privacy-preserving revocation mechanism within the universally composable (UC) security framework, alongside a lightweight and practical system architecture. A proof-of-concept prototype demonstrates that the proposed solution achieves a favorable balance between security guarantees and operational efficiency.
Abstract
The European Digital Identity (EUDI) Wallet aims to provide end users with a way to obtain attested credentials from issuers and present them to different relying parties. An important property mentioned in the regulatory frameworks is the possibility of revoking a previously issued credential. While it is possible to issue a short-lived credential, in some cases this may be inconvenient, and a separate revocation service that allows a credential to be revoked at any time may be necessary. In this work, we propose a full end-to-end description of a generic credential revocation system, which technically relies on a single server and secure transmission channels between parties. We prove the security of the proposed revocation functionality in the universal composability model, and estimate its efficiency based on a proof-of-concept implementation.