One of my works which is a continuation of my Master thesis focuses on a specific type of conditionally anonymous authentication scheme, blacklistable anonymous credentials. This work is a joint work with my Master thesis supervisor, Prof. Albert Levi. Blacklistable anonymous credential schemes mainly propose a system in which service providers can blacklist a user based on the specific session in which the user got the service. It allows one to blacklist a user without learning the identity of the user and there is no way to link an authentication session to the real-world identity of a user. Commonly, blacklistable anonymous credential schemes assume that service providers are honest-but-curious. This assumption ensures that the service provider runs the registration and authentication protocols as defined. However, blacklistable anonymous credential schemes apply the mechanism subjective blacklisting. It means that there is no determined policy about the behavior of the service provider about blacklisting a user. In more detail, there is no defined policy on choosing authentication sessions to be blacklisted, and the service provider can choose sessions to be blacklisted as he wishes. Hence, the service provider may blacklist a user just to link two authentication sessions to each other by still keeping his honest-but-curious behavior. This kind of blacklists are called malicious blacklists and they are the main potential threat against user privacy in a blacklistable anonymous credential scheme. In short, blacklistable anonymous credentials may give some room to link authentication sessions of the same user to each other in a malicious way, even though they do not allow service providers to link these authentication sessions to the real-world identity of the user. My work aims to improve blacklistable anonymous credentials in two ways for improving user privacy. First, extending existing schemes in a way that honest authentication sessions can be unlinked from the user’s credential. Second, providing backward-unlinkability, namely, a misbehaved authentication session cannot be linked to previous honest authentication sessions of the user. To provide these properties, we define the system in a different way than the previous works, as in the figure above. While we define issuance and authentication steps as usual (Step 1 and Step 2, respectively), we define a new procedure called whitelisting. This procedure must be run to unlink the authentication session from the user. As long as the user behaves honest during the session, she will be "whitelisted" and stay backward unlinkable for this session. Otherwise, the service provider can blacklist the user as in Step 4.