Decentralized blacklistable anonymous credentials with reputation

Rupeng Yang, Man Ho Au, Qiuliang Xu, Zuoxia Yu

Research output: Journal article publicationJournal articleAcademic researchpeer-review

19 Citations (Scopus)

Abstract

Blacklistable anonymous credential systems provide service providers with a way to authenticate users according to their historical behaviors, while guaranteeing that all users can access services in an anonymous and unlinkable manner, thus are potentially useful in practice. Traditionally, to protect services from illegal access, the credential issuer, which completes the registration with users, must be trusted by the service provider. However, in practice, this trust assumption is usually unsatisfied. In this paper, we solve this problem and present the decentralized blacklistable anonymous credential system with reputation (DBLACR), which inherits nearly all features of the BLACR system presented in Au et al. (2012) but does not need a trusted party to register users.The new system also has extra advantages. In particular, it enables blacklist (historical behaviors) sharing among different service providers and is partially resilient to the blacklist gaming attack, where dishonest service providers attempt to compromise the privacy of users via generating blacklist maliciously. Technically, the main approach to achieve DBLACR system is a novel use of the blockchain technique, which serves as a public append-only ledger. The system can be instantiated from three different types of cryptographic systems, including the RSA system, the classical DL system, and the pairing based system. To demonstrate the practicability of our system, we also give a proof of concept implementation for the instantiation under the RSA system. The experiment results indicate that when authenticating with blacklists of reasonable size, our implementation can fulfill practical efficiency demands.

Original languageEnglish
Pages (from-to)353-371
Number of pages19
JournalComputers and Security
Volume85
DOIs
Publication statusPublished - Aug 2019

Keywords

  • Anonymous credential
  • Authentication
  • Blacklistable anonymous credential
  • Blockchain
  • Decentralized anonymous credential

ASJC Scopus subject areas

  • General Computer Science
  • Law

Fingerprint

Dive into the research topics of 'Decentralized blacklistable anonymous credentials with reputation'. Together they form a unique fingerprint.

Cite this