
Saturday, October 11, 2008
BLAC: Revoking Repeatedly Misbehaving Anonymous Users Without Relying on TTPs
Dartmouth Technical Report TR2008-635
Patrick P. Tsang
Man Ho Au
Apu Kapadia
Sean W. Smith
Date: October 2008
Abstract:
Several credential systems have been proposed in which users can
authenticate to service providers anonymously. Since anonymity can
give users the license to misbehave, some variants allow the selective
deanonymization (or linking) of misbehaving users upon a complaint to
a trusted third party (TTP). The ability of the TTP to revoke a user's
privacy at any time, however, is too strong a punishment for
misbehavior. To limit the scope of deanonymization, systems have been
proposed in which users are deanonymized if they authenticate "too
many times," such as "double spending" with electronic cash. While
useful in some applications, it is not possible to generalize such
techniques to more subjective definitions of misbehavior, e.g., it is
not possible to block users who "deface too many webpages" on a
website.
We present BLAC, the first anonymous credential system in which
service providers can revoke the credentials of repeatedly misbehaving
users without relying on a TTP. Since revoked users remain
anonymous, misbehaviors can be judged subjectively without users
fearing arbitrary deanonymization by a TTP. Finally, our
construction supports a $d$-strikes-out revocation policy,
whereby users who have been subjectively judged to have repeatedly
misbehaved at least $d$ times are revoked from the system.
Note:
The preliminary part of this report is based on our work originally
published in the proceedings of the 14th ACM Conference on Computer
and Communication Security (CCS '07), October 2007, under the title of
"Blacklistable Anonymous Credentials: Blocking Misbehaving Users
without TTPs". At the same period of time, we published an extended
version of the CCS '07 paper as Dartmouth Computer Science technical
report TR2007-601, which contained further details that did not fit
into the conference paper.
In this report, we make a significant additional contribution by
extending our original construction of BLAC to provide more flexible
revocation --- SPs can specify a d-strikes-out revocation policy, so
that users can authenticate anonymously only if they have not
misbehaved d or more times. Such a policy forgives a few (i.e., up to
d-1) misbehaviors, but then blocks users who misbehave
repeatedly. Following authentication, users remain anonymous, and SPs
learn only whether a user has crossed the threshold of d
misbehaviors. The original construction of BLAC is a special case with
d=1.