BIB-VERSION:: CS-TR-v2.0
ID:: ncstrl.dartmouthcs//TR2007-601
ENTRY:: September 30, 2007
ORGANIZATION:: Dartmouth College, Computer Science
TITLE:: Blacklistable Anonymous Credentials: Blocking Misbehaving Users without TTPs (Extended Version)
TYPE:: Technical Report (paper)
REVISION:: 1
AUTHOR:: Tsang, Patrick P.
AUTHOR:: Au, Man Ho
AUTHOR:: Kapadia, Apu
AUTHOR:: Smith, Sean W.
DATE:: September 2007
RETRIEVAL:: For a paper copy, email
RETRIEVAL:: For a paper copy, write to
  Technical Report Librarian
  Department of Computer Science
  Dartmouth College
  6211 Sudikoff Laboratory
  Hanover, NH 03755-3510 USA
RETRIEVAL:: PDF at http://www.cs.dartmouth.edu/reports/TR2007-601.pdf
ABSTRACT:: Several credential systems have been proposed in which users can authenticate to services anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability of the TTP to revoke a user's privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, systems such as ``e-cash'' have been proposed in which users are deanonymized under only certain types of well-defined misbehavior such as ``double spending.'' While useful in some applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior. We present the first anonymous credential system in which services can ``blacklist'' misbehaving users without contacting a TTP. Since blacklisted users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP.
NOTE:: This technical report is the extended version of the paper to appear in CCS '07 under the same title.
END:: ncstrl.dartmouthcs//TR2007-601