Man Ho Au
Apu Kapadia
ABSTRACT
Some users may misbehave under the cover of anonymity by, e.g., defacing webpages on Wikipedia or posting vulgar comments on YouTube. To prevent such abuse, a few anonymous credential schemes have been proposed that revoke access for misbehaving users while maintaining their anonymity such that no trusted third party (TTP) is involved in the revocation process. Recently we proposed BLACR, a TTP-free scheme that supports `reputation-based blacklisting' --- the service provider can score users' anonymous sessions (e.g., good vs. inappropriate comments) and users with insufficient reputation are denied access.
The major drawback of BLACR is the linear computational overhead in the size of the reputation list, which allows it to support reputation for only a few thousand user sessions in practical settings. We propose PERM, a revocation-window-based scheme (misbehaviors must be caught within a window of time), which makes computation independent of the size of the reputation list. PERM thus supports millions of user sessions and makes reputation-based blacklisting practical for large-scale deployments.
- G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik. A Practical and Provably Secure Coalition-Resistant Group Signature Scheme. In CRYPTO, volume 1880 of Lecture Notes in Computer Science, pages 255--270. Springer, 2000. Google Scholar
Digital Library
- M. H. Au, A. Kapadia, and W. Susilo. BLACR: TTP-Free Blacklistable Anonymous Credentials with Reputation. In Proceedings of The 19th Annual Network and Distributed System Security Symposium (NDSS), Feb. 2012.Google Scholar
- M. H. Au, W. Susilo, and Y. Mu. Constant-Size Dynamic k-TAA. In SCN, volume 4116 of Lecture Notes in Computer Science, pages 111--125. Springer, 2006. Google ScholarDigital Library
- M. H. Au, P. P. Tsang, and A. Kapadia. PEREA: Practical TTP-Free Revocation of Repeatedly Misbehaving Anonymous Users. ACM Transactions on Information and System Security, 14:29:1--29:34, Dec. 2011. Google ScholarDigital Library
- M. H. Au, P. P. Tsang, A. Kapadia, and W. Susilo. BLACR: TTP-Free Blacklistable Anonymous Credentials with Reputation. Technical Report TR695, Indiana University Bloomington, May 2011.Google Scholar
- M. Bellare and P. Rogaway. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In ACM Conference on Computer and Communications Security, pages 62--73, 1993. Google ScholarDigital Library
- J. C. Benaloh and M. de Mare. One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract). In EUROCRYPT, pages 274--285, 1993. Google ScholarDigital Library
- D. Boneh, X. Boyen, and H. Shacham. Short Group Signatures. In CRYPTO, volume 3152 of Lecture Notes in Computer Science, pages 41--55, 2004.Google Scholar
- J. Camenisch, R. Chaabouni, and A. Shelat. Efficient Protocols for Set Membership and Range Proofs. In ASIACRYPT, volume 5350 of Lecture Notes in Computer Science, pages 234--252. Springer, 2008. Google ScholarDigital Library
- J. Camenisch and A. Lysyanskaya. A Signature Scheme with Efficient Protocols. In SCN, volume 2576 of Lecture Notes in Computer Science, pages 268--289. Springer, 2002. Google ScholarDigital Library
- J. Camenisch and A. Lysyanskaya. Signature Schemes and Anonymous Credentials from Bilinear Maps. In CRYPTO, volume 3152 of Lecture Notes in Computer Science, pages 56--72, 2004.Google Scholar
- J. Camenisch and M. Stadler. Efficient Group Signature Schemes for Large Groups (Extended Abstract). In B. S. K. Jr., editor, CRYPTO, volume 1294 of Lecture Notes in Computer Science, pages 410--424. Springer, 1997. Google ScholarDigital Library
- D. Chaum and E. van Heyst. Group Signatures. In EUROCRYPT, pages 257--265, 1991. Google ScholarDigital Library
- R. Cramer, I. Damgård, and B. Schoenmakers. Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In Y. Desmedt, editor, CRYPTO, volume 839 of Lecture Notes in Computer Science, pages 174--187, 1994. Google ScholarDigital Library
- R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In Usenix Security Symposium, pages 303--320, Aug. 2004. Google ScholarDigital Library
- S. Goldwasser, S. Micali, and C. Rackoff. The Knowledge Complexity of Interactive Proof Systems. SIAM J. Comput., 18(1):186--208, 1989. Google ScholarDigital Library
- S. Goldwasser, S. Micali, and R. L. Rivest. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM J. Comput., 17(2):281--308, 1988. Google ScholarDigital Library
- R. Henry, K. Henry, and I. Goldberg. Making a Nymbler Nymble Using VERBS. In Privacy Enhancing Technologies, volume 6205 of Lecture Notes in Computer Science, pages 111--129, 2010. Google ScholarDigital Library
- P. C. Johnson, A. Kapadia, P. P. Tsang, and S. W. Smith. Nymble: Anonymous IP-Address Blocking. In Privacy Enhancing Technologies, volume 4776 of Lecture Notes in Computer Science, pages 113--133. Springer, 2007. Google ScholarDigital Library
- A. Kiayias, Y. Tsiounis, and M. Yung. Traceable Signatures. In C. Cachin and J. Camenisch, editors, EUROCRYPT, volume 3027 of Lecture Notes in Computer Science, pages 571--589. Springer, 2004.Google Scholar
- Z. Lin and N. Hopper. Jack: Scalable accumulator-based Nymble system. In WPES, pages 53--62, 2010. Google ScholarDigital Library
- P. Lofgren and N. Hopper. FAUST: Efficient, TTP-Free Abuse Prevention by Anonymous Whitelisting. In Proceedings of the Workshop on Privacy in the Electronic Society (WPES), Oct. 2011. Google ScholarDigital Library
- T. P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In CRYPTO'91, volume 576 of LNCS, pages 129--140, 1992. Google ScholarDigital Library
- P. P. Tsang, M. H. Au, A. Kapadia, and S. W. Smith. Blacklistable Anonymous Credentials: Blocking Misbehaving Users without TTPs. In ACM Conference on Computer and Communications Security, pages 72--81. ACM, 2007. Google ScholarDigital Library
- P. P. Tsang, M. H. Au, A. Kapadia, and S. W. Smith. PEREA: Towards Practical TTP-Free Revocation in Anonymous Authentication. In ACM Conference on Computer and Communications Security, pages 333--344, 2008. Google ScholarDigital Library
- P. P. Tsang, M. H. Au, A. Kapadia, and S. W. Smith. BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs. ACM Trans. Inf. Syst. Secur., 13(4):39, 2010. Google ScholarDigital Library
- P. P. Tsang, A. Kapadia, C. Cornelius, and S. W. Smith. Nymble: Blocking Misbehaving Users in Anonymizing Networks. IEEE Trans. Dependable Sec. Comput., 8(2):256--269, 2011. Google ScholarDigital Library
Index Terms
- PERM: practical reputation-based blacklisting without TTPS
Recommendations
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users ...
Blacklistable anonymous credentials: blocking misbehaving users without ttps
CCS '07: Proceedings of the 14th ACM conference on Computer and communications securitySeveral credential systems have been proposed in which users can authenticate to services anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a ...
Making a nymbler nymble using VERBS
PETS'10: Proceedings of the 10th international conference on Privacy enhancing technologiesWe propose a new system modeled after Nymble. Like Nymble, our scheme provides a privacy-preserving analog of IP address blocking for anonymizing networks. However, unlike Nymble, the user in our scheme need not trust third parties to maintain their ...
Comments