The knowledge complexity of interactive proof systems
SIAM Journal on Computing
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
The kth prime is greater than k(lnk + ln lnk - 1) for k ≥ 2
Mathematics of Computation
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Some Open Issues and New Directions in Group Signatures
FC '99 Proceedings of the Third International Conference on Financial Cryptography
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Signature schemes and applications to cryptographic protocol design
Signature schemes and applications to cryptographic protocol design
Group signatures with verifier-local revocation
Proceedings of the 11th ACM conference on Computer and communications security
How to win the clonewars: efficient periodic n-times anonymous authentication
Proceedings of the 13th ACM conference on Computer and communications security
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Enhanced privacy id: a direct anonymous attestation scheme with enhanced revocation capabilities
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Blacklistable anonymous credentials: blocking misbehaving users without ttps
Proceedings of the 14th ACM conference on Computer and communications security
Universal Accumulators with Efficient Nonmembership Proofs
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
PEREA: towards practical TTP-free revocation in anonymous authentication
Proceedings of the 15th ACM conference on Computer and communications security
Efficient Protocols for Set Membership and Range Proofs
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Nymble: anonymous IP-address blocking
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Jack: scalable accumulator-based nymble system
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
ACM Transactions on Information and System Security (TISSEC)
Making a nymbler nymble using VERBS
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Accumulators from bilinear pairings and applications
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
PERM: practical reputation-based blacklisting without TTPS
Proceedings of the 2012 ACM conference on Computer and communications security
Thinking inside the BLAC box: smarter protocols for faster anonymous blacklisting
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Batch proofs of partial knowledge
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Several anonymous authentication schemes allow servers to revoke a misbehaving user's ability to make future accesses. Traditionally, these schemes have relied on powerful Trusted Third Parties (TTPs) capable of deanonymizing (or linking) users' connections. Such TTPs are undesirable because users' anonymity is not guaranteed, and users must trust them to judge misbehaviors fairly. Recent schemes such as Blacklistable Anonymous Credentials (BLAC) and Enhanced Privacy ID (EPID) support “privacy-enhanced revocation”— servers can revoke misbehaving users without a TTP's involvement, and without learning the revoked users' identities. In BLAC and EPID, however, the computation required for authentication at the server is linear in the size (L) of the revocation list, which is impractical as the size approaches thousands of entries. We propose PEREA, a new anonymous authentication scheme for which this bottleneck computation is independent of the size of the revocation list. Instead, the time complexity of authentication is linear in the size of a revocation window K ≪ L, the number of subsequent authentications before which a user's misbehavior must be recognized if the user is to be revoked. We extend PEREA to support more complex revocation policies that take the severity of misbehaviors into account. Users can authenticate anonymously if their naughtiness, i.e., the sum of the severities of their blacklisted misbehaviors, is below a certain naughtiness threshold. We call our extension PEREA-Naughtiness. We prove the security of our constructions, and validate their efficiency as compared to BLAC analytically and quantitatively.