TY - JOUR
T1 - Decentralized blacklistable anonymous credentials with reputation
AU - Yang, Rupeng
AU - Au, Man Ho
AU - Xu, Qiuliang
AU - Yu, Zuoxia
N1 - Funding Information:
We appreciate the anonymous reviewers of ACISP 2018 and Computers & Security for their valuable suggestions. Part of this work was supported by the National Natural Science Foundation of China (Grant Nos. 61602396, U1636205, 61572294, 61632020 and 61602275), the MonashU-PolyU-Collinstar Capital Joint Lab on Blockchain and Cryptocurrency Technologies, and from the Research Grants Council of Hong Kong (Grant No. 25206317).
Publisher Copyright:
© 2019 Elsevier Ltd
PY - 2019/8
Y1 - 2019/8
N2 - Blacklistable anonymous credential systems provide service providers with a way to authenticate users according to their historical behaviors, while guaranteeing that all users can access services in an anonymous and unlinkable manner, thus are potentially useful in practice. Traditionally, to protect services from illegal access, the credential issuer, which completes the registration with users, must be trusted by the service provider. However, in practice, this trust assumption is usually unsatisfied. In this paper, we solve this problem and present the decentralized blacklistable anonymous credential system with reputation (DBLACR), which inherits nearly all features of the BLACR system presented in Au et al. (2012) but does not need a trusted party to register users. The new system also has extra advantages. In particular, it enables blacklist (historical behaviors) sharing among different service providers and is partially resilient to the blacklist gaming attack, where dishonest service providers attempt to compromise the privacy of users via generating blacklist maliciously. Technically, the main approach to achieve DBLACR system is a novel use of the blockchain technique, which serves as a public append-only ledger. The system can be instantiated from three different types of cryptographic systems, including the RSA system, the classical DL system, and the pairing based system. To demonstrate the practicability of our system, we also give a proof of concept implementation for the instantiation under the RSA system. The experiment results indicate that when authenticating with blacklists of reasonable size, our implementation can fulfill practical efficiency demands.
AB - Blacklistable anonymous credential systems provide service providers with a way to authenticate users according to their historical behaviors, while guaranteeing that all users can access services in an anonymous and unlinkable manner, thus are potentially useful in practice. Traditionally, to protect services from illegal access, the credential issuer, which completes the registration with users, must be trusted by the service provider. However, in practice, this trust assumption is usually unsatisfied. In this paper, we solve this problem and present the decentralized blacklistable anonymous credential system with reputation (DBLACR), which inherits nearly all features of the BLACR system presented in Au et al. (2012) but does not need a trusted party to register users. The new system also has extra advantages. In particular, it enables blacklist (historical behaviors) sharing among different service providers and is partially resilient to the blacklist gaming attack, where dishonest service providers attempt to compromise the privacy of users via generating blacklist maliciously. Technically, the main approach to achieve DBLACR system is a novel use of the blockchain technique, which serves as a public append-only ledger. The system can be instantiated from three different types of cryptographic systems, including the RSA system, the classical DL system, and the pairing based system. To demonstrate the practicability of our system, we also give a proof of concept implementation for the instantiation under the RSA system. The experiment results indicate that when authenticating with blacklists of reasonable size, our implementation can fulfill practical efficiency demands.
KW - Anonymous credential
KW - Authentication
KW - Blacklistable anonymous credential
KW - Blockchain
KW - Decentralized anonymous credential
UR - http://www.scopus.com/inward/record.url?scp=85066293702&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2019.05.009
DO - 10.1016/j.cose.2019.05.009
M3 - Journal article
AN - SCOPUS:85066293702
SN - 0167-4048
VL - 85
SP - 353
EP - 371
JO - Computers and Security
JF - Computers and Security
ER -