research-article

BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs

Authors:

Patrick P. Tsang,

Sean W. SmithAuthors Info & Claims

ACM Transactions on Information and System Security (TISSEC), Volume 13, Issue 4

Article No.: 39, Pages 1 - 33

https://doi.org/10.1145/1880022.1880033

Published: 01 December 2010 Publication History

Abstract

Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a Trusted Third Party (TTP). The ability of the TTP to revoke a user’s privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, some systems have been proposed in which users can be deanonymized only if they authenticate “too many times,” such as “double spending” with electronic cash. While useful in some applications, such techniques cannot be generalized to more subjective definitions of misbehavior, for example, using such schemes it is not possible to block anonymous users who “deface too many Web pages” on a Web site.

We present BLAC, the first anonymous credential system in which service providers can revoke the credentials of misbehaving users without relying on a TTP . Since revoked users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP . Additionally, our construction supports a d-strikes-out revocation policy, whereby users who have been subjectively judged to have repeatedly misbehaved at least d times are revoked from the system. Thus, for the first time, it is indeed possible to block anonymous users who have “defaced too many Web pages” using our scheme.

References

[1]

Ateniese, G., Camenisch, J., Joye, M., and Tsudik, G. 2000. A practical and provably secure coalition-resistant group signature scheme. In Proceedings of the International Cryptology Conference (CRYPTO’00). M. Bellare Ed., Lecture Notes in Computer Science, vol. 1880, Springer, 255--270.

Digital Library

[2]

Ateniese, G., Song, D. X., and Tsudik, G. 2002. Quasi-efficient revocation in group signatures. In Proceedings of the Conference on Financial Cryptography. M. Blaze Ed., Lecture Notes in Computer Science, vol. 2357, Springer, 183--197.

Digital Library

[3]

Au, M. H., Chow, S. S. M., and Susilo, W. 2005. Short e-cash. In Proceedings of the International Conference on Cryptology in India (INDOCRYPT’05). S. Maitra et al. Eds., Lecture Notes in Computer Science, vol. 3797, Springer, 332--346.

Digital Library

[4]

Au, M. H., Susilo, W., and Mu, Y. 2006. Constant-size dynamic k-TAA. In Proceedings of the 5th International Conference on Security and Cryptography for Networks (SCN’06). R. D. Prisco and M. Yung Eds., Lecture Notes in Computer Science, vol. 4116, Springer, 111--125.

Digital Library

[5]

Bellare, M. and Rogaway, P. 1993. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the ACM Conference on Computer and Communications Security. 62--73.

Digital Library

[6]

Boneh, D. and Boyen, X. 2004. Short signatures without random oracles. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’04). C. Cachin and J. Camenisch Eds., Lecture Notes in Computer Science, vol. 3027, Springer, 56--73.

[7]

Boneh, D. and Shacham, H. 2004. Group signatures with verifier-local revocation. In Proceedings of the ACM Conference on Computer and Communications Security. V. Atluri et al. Eds., ACM, 168--177.

Digital Library

[8]

Boneh, D., Boyen, X., and Shacham, H. 2004. Short group signatures. In Proceedings of the 24th Annual International Cryptology Conference, Advances in Cryptology (CRYPTO’04). M. K. Franklin Ed., Lecture Notes in Computer Science, vol. 3152, Springer, 41--55.

[9]

Boyen, X. 2007. Mesh signatures. In Proceedings of the Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT’07). M. Naor Ed., Lecture Notes in Computer Science, vol. 4515, Springer, 210--227.

Digital Library

[10]

Brickell, E. and Li, J. 2007. Enhanced privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES’07). P. Ning and T. Yu Eds., ACM, 21--30.

Digital Library

[11]

Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., and Meyerovich, M. 2006a. How to win the clonewars: Efficient periodic n-times anonymous authentication. In Proceedings of the ACM Conference on Computer and Communications Security. A. Juels et al. Eds., ACM, 201--210.

Digital Library

[12]

Camenisch, J., Hohenberger, S., and Lysyanskaya, A. 2005. Compact e-cash. In Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology (EUROCRYPT’05). R. Cramer Ed., Lecture Notes in Computer Science, vol. 3494, Springer, 302--321.

Digital Library

[13]

Camenisch, J., Hohenberger, S., and Lysyanskaya, A. 2006b. Balancing accountability and privacy using e-cash (extended abstract). In Proceedings of the 5th International Conference on Security and Cryptography for Networks (SCN’06). R. D. Prisco and M. Yung Eds., Lecture Notes in Computer Science, vol. 4116, Springer, 141--155.

Digital Library

[14]

Camenisch, J. and Lysyanskaya, A. 2001. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniqes (EUROCRYPT’01). B. Pfitzmann Ed., Lecture Notes in Computer Science, vol. 2045, Springer, 93--118.

Digital Library

[15]

Camenisch, J. and Lysyanskaya, A. 2002a. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Proceedings of the International Cryptology Conference (CRYPTO’02). M. Yung Ed., Lecture Notes in Computer Science, vol. 2442, Springer, 61--76.

Digital Library

[16]

Camenisch, J. and Lysyanskaya, A. 2002b. A signature scheme with efficient protocols. In Proceedings of the International Conference on Security and Cryptography for Networks (SCN’02). S. Cimato et al. Eds., Lecture Notes in Computer Science, vol. 2576, Springer, 268--289.

Digital Library

[17]

Camenisch, J. and Lysyanskaya, A. 2004. Signature schemes and anonymous credentials from bilinear maps. In Proceedings of the 24th Annual International Cryptology Conference, Advances in Cryptology (CRYPTO’04). M. K. Franklin Ed., Lecture Notes in Computer Science, vol. 3152, Springer, 56--72.

[18]

Camenisch, J. and Shoup, V. 2003. Practical verifiable encryption and decryption of discrete logarithms. In Proceedings of the International Cryptology Conference (CRYPTO’03). D. Boneh Ed., Lecture Notes in Computer Science, vol. 2729, Springer, 126--144.

[19]

Camenisch, J. and Stadler, M. 1997. Efficient group signature schemes for large groups (extended abstract). In Proceedings of the International Cryptology Conference (CRYPTO’97). Lecture Notes in Computer Science, vol. 1294, Springer, 410--424.

Digital Library

[20]

Catalano, D., Fiore, D., and Messina, M. 2008. Zero-knowledge sets with short proofs. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Tehnqies (EUROCRYPT’08). N. P. Smart Ed., Lecture Notes in Computer Science, vol. 4965, Springer, 433--450.

Digital Library

[21]

Chaum, D. and van Heyst, E. 1991. Group signatures. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’91). 257--265.

Digital Library

[22]

Cramer, R., Ed. 2005. Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology (EUROCRYPT’05). Lecture Notes in Computer Science, vol. 3494, Springer.

Digital Library

[23]

Cramer, R., Damgard, I., and Schoenmakers, B. 1994. Proofs of partial knowledge and simplified design of witness hiding protocols. In Proceedings of the International Cryptology Conference (CRYPTO’94). Y. Desmedt Ed., Lecture Notes in Computer Science, vol. 839, Springer, 174--187.

Digital Library

[24]

Damgard, I. 2000. Efficient concurrent zero-knowledge in the auxiliary string model. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniqes (EUROCRYPT’00). 418--430.

Digital Library

[25]

Dingledine, R., Mathewson, N., and Syverson, P. F. 2004. Tor: The second-generation onion router. In Proceedings of the USENIX Security Symposium. USENIX, 303--320.

Digital Library

[26]

Douceur, J. R. 2002. The sybil attack. In Proceedings of the International Workshop on Peer-to-Peer Systems (IPTPS’02). P. Druschel et al. Eds., Lecture Notes in Computer Science, vol. 2429, Springer, 251--260.

Digital Library

[27]

Franklin, M. K., Ed. 2004. Proceedings of the 24th Annual International Cryptology Conference, Advances in Cryptology (CRYPTO’04). Lecture Notes in Computer Science, vol. 3152, Springer.

[28]

Goldwasser, S., Micali, S., and Rackoff, C. 1989. The knowledge complexity of interactive proof systems. SIAM J. Comput. 18, 1, 186--208.

Digital Library

[29]

Goldwasser, S., Micali, S., and Rivest, R. L. 1988. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17, 2, 281--308.

Digital Library

[30]

Johnson, P. C., Kapadia, A., Tsang, P. P., and Smith, S. W. 2007. Nymble: Anonymous IP-address blocking. In Proceedings of the Conference on Privacy Enhancing Technologies. N. Borisov and P. Golle Eds., Lecture Notes in Computer Science, vol. 4776, Springer, 113--133.

Digital Library

[31]

Kiayias, A. and Yung, M. 2005. Group signatures with efficient concurrent join. In Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Advances in Cryptology (EUROCRYPT’05). R. Cramer Ed., Lecture Notes in Computer Science, vol. 3494, Springer, 198--214.

Digital Library

[32]

Liu, J. K., Wei, V. K., and Wong, D. S. 2004. Linkable spontaneous anonymous group signature for ad hoc groups (extended abstract). In Proceedings of the Australian Conference on Information Security and Privacy (ACISP’04). H. Wang et al. Eds., Lecture Notes in Computer Science, vol. 3108, Springer, 325--335.

[33]

Nguyen, L. 2005. Accumulators from bilinear pairings and applications. In Proceedings of the Cryptographer’s Track at the RSA Conference (CT-RSA’05). A. Menezes Ed., Lecture Notes in Computer Science, vol. 3376, Springer, 275--292.

Digital Library

[34]

Nguyen, L. and Safavi-Naini, R. 2005. Dynamic k-times anonymous authentication. In Proceedings of the International Conference on Applied Cryptography and Network Security (ACNS’05). J. Ioannidis et al. Eds., Lecture Notes in Computer Science, vol. 3531, Springer, 318--333.

Digital Library

[35]

Prisco, R. D. and Yung, M., Eds. 2006. Proceedings of the 5th International Conference on Security and Cryptography for Networks (SCN’06). Lecture Notes in Computer Science, vol. 4116, Springer.

Digital Library

[36]

Schnorr, C.-P. 1991. Efficient signature generation by smart cards. J. Cryptol. 4, 3, 161--174.

Digital Library

[37]

Syverson, P. F., Stubblebine, S. G., and Goldschlag, D. M. 1997. Unlinkable serial transactions. In Proceedings of the Conference on Financial Cryptography. R. Hirschfeld Ed., Lecture Notes in Computer Science, vol. 1318, Springer, 39--56.

Digital Library

[38]

Teranishi, I., Furukawa, J., and Sako, K. 2004. k-times anonymous authentication (extended abstract). In Proceedings of the Annual International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT’04). P. J. Lee Ed., Lecture Notes in Computer Science, vol. 3329, Springer, 308--322.

[39]

Teranishi, I. and Sako, K. 2006. k-times anonymous authentication with a constant proving cost. In Proceedings of the Conference on Public Key Cryptography. M. Yung et al. Eds., Lecture Notes in Computer Science, vol. 3958, Springer, 525--542.

Digital Library

[40]

TPM Work Group. 2006. TCG TPM specification version 1.2 revision 94. Tech. rep., Trusted Computing Group.

[41]

Tsang, P. P., Au, M. H., Kapadia, A., and Smith, S. W. 2007a. Blacklistable anonymous credentials: Blocking misbehaving users without TTPs. In Proceedings of the ACM Conference on Computer and Communications Security. P. Ning et al. Eds., ACM, 72--81.

Digital Library

[42]

Tsang, P. P., Au, M. H., Kapadia, A., and Smith, S. W. 2007b. Blacklistable anonymous credentials: Blocking misbehaving users without TTPs (full version). Tech. rep. TR2007-601, Dartmouth College.

[43]

Tsang, P. P., Au, M. H., Kapadia, A., and Smith, S. W. 2008. PEREA: Towards practical TTP-free revocation in anonymous authentication. In Proceedings of the ACM Conference on Computer and Communications Security. P. Ning et al. Eds., ACM, 333--344.

Digital Library

[44]

Tsang, P. P., Wei, V. K., Chan, T. K., Au, M. H., Liu, J. K., and Wong, D. S. 2004. Separable linkable threshold ring signatures. In Proceedings of the International Conference on Cryptology in India (INDOCRYPT’04). A. Canteaut and K. Viswanathan Eds., Lecture Notes in Computer Science, vol. 3348, Springer, 384--398.

Digital Library

Cited By

Scheffler SMayer J(2024)Group Moderation Under End-to-End EncryptionProceedings of the Symposium on Computer Science and Law10.1145/3614407.3643704(36-47)Online publication date: 12-Mar-2024
https://dl.acm.org/doi/10.1145/3614407.3643704
García-Rodríguez JKrenn SBernal Bernabe JSkarmeta A(2024)Beyond selective disclosureComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110498248:COnline publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110498
Wang BLueks WSukaitis JNarbel VTroncoso C(2023)Not Yet Another Digital ID: Privacy-Preserving Humanitarian Aid Distribution2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179306(645-663)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179306
Show More Cited By

Index Terms

BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption
  2. Security services
    1. Authentication

Recommendations

PEREA: towards practical TTP-free revocation in anonymous authentication
CCS '08: Proceedings of the 15th ACM conference on Computer and communications security

Several anonymous authentication schemes allow servers to revoke a misbehaving user's ability to make future accesses. Traditionally, these schemes have relied on powerful TTPs capable of deanonymizing (or linking) users' connections. Recent schemes ...
Blacklistable anonymous credentials: blocking misbehaving users without ttps
CCS '07: Proceedings of the 14th ACM conference on Computer and communications security

Several credential systems have been proposed in which users can authenticate to services anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a ...
PEREA: Practical TTP-free revocation of repeatedly misbehaving anonymous users

Several anonymous authentication schemes allow servers to revoke a misbehaving user's ability to make future accesses. Traditionally, these schemes have relied on powerful Trusted Third Parties (TTPs) capable of deanonymizing (or linking) users' ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Information and System Security

ACM Transactions on Information and System Security Volume 13, Issue 4

December 2010

412 pages

ISSN:1094-9224

EISSN:1557-7406

DOI:10.1145/1880022

Issue’s Table of Contents

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 December 2010

Accepted: 01 October 2009

Revised: 01 October 2009

Received: 01 September 2008

Published in TISSEC Volume 13, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Division of Computer and Network Systems
Institute for Security Technology Studies

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

34
Total Citations
View Citations
527
Total Downloads

Downloads (Last 12 months)37
Downloads (Last 6 weeks)6

Reflects downloads up to 04 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Scheffler SMayer J(2024)Group Moderation Under End-to-End EncryptionProceedings of the Symposium on Computer Science and Law10.1145/3614407.3643704(36-47)Online publication date: 12-Mar-2024
https://dl.acm.org/doi/10.1145/3614407.3643704
García-Rodríguez JKrenn SBernal Bernabe JSkarmeta A(2024)Beyond selective disclosureComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110498248:COnline publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110498
Wang BLueks WSukaitis JNarbel VTroncoso C(2023)Not Yet Another Digital ID: Privacy-Preserving Humanitarian Aid Distribution2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179306(645-663)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179306
Kakvi SMartin KPutman CQuaglia E(2023)SoK: Anonymous CredentialsSecurity Standardisation Research10.1007/978-3-031-30731-7_6(129-151)Online publication date: 22-Apr-2023
https://dl.acm.org/doi/10.1007/978-3-031-30731-7_6
Rosenberg MMaller MMiers I(2022)SNARKBlock: Federated Anonymous Blocklisting from Hidden Common Input Aggregate Proofs2022 IEEE Symposium on Security and Privacy (SP)10.1109/SP46214.2022.9833656(948-965)Online publication date: May-2022
https://doi.org/10.1109/SP46214.2022.9833656
Phetsouvanh SDatta ATiu A(2021)On unlinkability and denial of service attacks resilience of whistleblower platformsFuture Generation Computer Systems10.1016/j.future.2021.01.030118(438-452)Online publication date: May-2021
https://doi.org/10.1016/j.future.2021.01.030
Lueks WHampiholi BAlpár GTroncoso C(2020)Tandem: Securing Keys by Using a Central Server While Preserving PrivacyProceedings on Privacy Enhancing Technologies10.2478/popets-2020-00552020:3(327-355)Online publication date: 17-Aug-2020
https://doi.org/10.2478/popets-2020-0055
Gaiduk PRanjan KBasmer TTschorsch F(2020)Privacy-Preserving Public Key Infrastructure for Vehicular Networks2020 IEEE 45th Conference on Local Computer Networks (LCN)10.1109/LCN48667.2020.9314787(154-163)Online publication date: 16-Nov-2020
https://doi.org/10.1109/LCN48667.2020.9314787
Nakanishi TKanatani T(2020)Efficient blacklistable anonymous credential system with reputation using a pairing‐based accumulatorIET Information Security10.1049/iet-ifs.2018.550514:6(613-624)Online publication date: Nov-2020
https://doi.org/10.1049/iet-ifs.2018.5505
Pal OAlam B(2019)Key Life Cycle and Estimation of Time for Revocation of Keys in Cryptographic SystemsProceedings of ICETIT 201910.1007/978-3-030-30577-2_91(1028-1038)Online publication date: 24-Sep-2019
https://doi.org/10.1007/978-3-030-30577-2_91
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents