The knowledge complexity of interactive proof systems
SIAM Journal on Computing
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
The kth prime is greater than k(lnk + ln lnk - 1) for k ≥ 2
Mathematics of Computation
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
How to win the clonewars: efficient periodic n-times anonymous authentication
Proceedings of the 13th ACM conference on Computer and communications security
Enhanced privacy id: a direct anonymous attestation scheme with enhanced revocation capabilities
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Blacklistable anonymous credentials: blocking misbehaving users without ttps
Proceedings of the 14th ACM conference on Computer and communications security
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Efficient concurrent zero-knowledge in the auxiliary string model
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Nymble: anonymous IP-address blocking
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
Accumulators from bilinear pairings and applications
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Jack: scalable accumulator-based nymble system
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
ACM Transactions on Information and System Security (TISSEC)
Making a nymbler nymble using VERBS
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Revocation for delegatable anonymous credentials
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
PEREA: Practical TTP-free revocation of repeatedly misbehaving anonymous users
ACM Transactions on Information and System Security (TISSEC)
FAUST: efficient, TTP-free abuse prevention by anonymous whitelisting
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Poster: arbitrators in the security infrastructure, supporting positive anonymity
Proceedings of the 18th ACM conference on Computer and communications security
BNymble: more anonymous blacklisting at almost no cost (a short paper)
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Scalable group signatures with revocation
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Opaak: using mobile phones to limit anonymous identities online
Proceedings of the 10th international conference on Mobile systems, applications, and services
PERM: practical reputation-based blacklisting without TTPS
Proceedings of the 2012 ACM conference on Computer and communications security
| Hi-index | 0.00 |
Several anonymous authentication schemes allow servers to revoke a misbehaving user's ability to make future accesses. Traditionally, these schemes have relied on powerful TTPs capable of deanonymizing (or linking) users' connections. Recent schemes such as Blacklistable Anonymous Credentials (BLAC) and Enhanced Privacy ID (EPID) support "privacy-enhanced revocation" -- servers can revoke misbehaving users without a TTP's involvement, and without learning the revoked users' identities. In BLAC and EPID, however, the computation required for authentication at the server is linear in the size (L) of the revocation list. We propose PEREA, a new anonymous authentication scheme for which this bottleneck computation is independent of the size of the revocation list. Instead, the time complexity of authentication is linear in the size (K L) of a revocation window, the number of subsequent authentications before which a user's misbehavior must be recognized if the user is to be revoked. We prove the security of our construction, and have developed a prototype implementation of PEREA to validate its efficiency experimentally.