PERM: Practical reputation-based blacklisting without TTPs

Man Ho Allen Au, Apu Kapadia

Research output: Chapter in book / Conference proceeding; Conference article published in proceeding or book; Academic research; peer-review

28 Citations (Scopus)


Some users may misbehave under the cover of anonymity by, e.g., defacing webpages on Wikipedia or posting vulgar comments on YouTube. To prevent such abuse, a few anonymous credential schemes have been proposed that revoke access for misbehaving users while maintaining their anonymity such that no trusted third party (TTP) is involved in the revocation process. Recently we proposed BLACR, a TTP-free scheme that supports 'reputation-based blacklisting' - the service provider can score users' anonymous sessions (e.g., good vs. inappropriate comments) and users with insufficient reputation are denied access. The major drawback of BLACR is the linear computational overhead in the size of the reputation list, which allows it to support reputation for only a few thousand user sessions in practical settings. We propose PERM, a revocation-window-based scheme (misbehaviors must be caught within a window of time), which makes computation independent of the size of the reputation list. PERM thus supports millions of user sessions and makes reputation-based blacklisting practical for large-scale deployments.
Original language: English
Title of host publication: CCS'12 - Proceedings of the 2012 ACM Conference on Computer and Communications Security
Number of pages: 12
Publication status: Published - 26 Nov 2012
Externally published: Yes
Event: 2012 ACM Conference on Computer and Communications Security, CCS 2012 - Raleigh, NC, United States
Duration: 16 Oct 2012 to 18 Oct 2012


Conference: 2012 ACM Conference on Computer and Communications Security, CCS 2012
Country/Territory: United States
City: Raleigh, NC


  • Accountable anonymity
  • Anonymous blacklisting
  • Revocation

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

