Dartmouth logo Dartmouth College Computer Science
Technical Report series
CS home
TR home
TR search TR listserv
By author: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
By number: 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008, 2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000, 1999, 1998, 1997, 1996, 1995, 1994, 1993, 1992, 1991, 1990, 1989, 1988, 1987, 1986

BLAC: Revoking Repeatedly Misbehaving Anonymous Users Without Relying on TTPs
Patrick P. Tsang, Man Ho Au, Apu Kapadia, Sean W. Smith
Dartmouth TR2008-635


Several credential systems have been proposed in which users can authenticate to service providers anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability of the TTP to revoke a user's privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, systems have been proposed in which users are deanonymized if they authenticate ``too many times,'' such as ``double spending'' with electronic cash. While useful in some applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior, e.g., it is not possible to block users who ``deface too many webpages'' on a website.

We present BLAC, the first anonymous credential system in which service providers can revoke the credentials of repeatedly misbehaving users without relying on a TTP. Since revoked users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP. Finally, our construction supports a $d$-strikes-out revocation policy, whereby users who have been subjectively judged to have repeatedly misbehaved at least $d$ times are revoked from the system.


The preliminary part of this report is based on our work originally published in the proceedings of the 14th ACM Conference on Computer and Communication Security (CCS '07), October 2007, under the title of "Blacklistable Anonymous Credentials: Blocking Misbehaving Users without TTPs". At the same period of time, we published an extended version of the CCS '07 paper as Dartmouth Computer Science technical report TR2007-601, which contained further details that did not fit into the conference paper.

In this report, we make a significant additional contribution by extending our original construction of BLAC to provide more flexible revocation --- SPs can specify a d-strikes-out revocation policy, so that users can authenticate anonymously only if they have not misbehaved d or more times. Such a policy forgives a few (i.e., up to d-1) misbehaviors, but then blocks users who misbehave repeatedly. Following authentication, users remain anonymous, and SPs learn only whether a user has crossed the threshold of d misbehaviors. The original construction of BLAC is a special case with d=1.


Bibliographic citation for this report: [plain text] [BIB] [BibTeX] [Refer]

Or copy and paste:
   Patrick P. Tsang, Man Ho Au, Apu Kapadia, and Sean W. Smith, "BLAC: Revoking Repeatedly Misbehaving Anonymous Users Without Relying on TTPs." Dartmouth Computer Science Technical Report TR2008-635, October 2008.

Notify me about new tech reports.

Search the technical reports.

To receive paper copy of a report, by mail, send your address and the TR number to reports AT cs.dartmouth.edu

Copyright notice: The documents contained in this server are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Technical reports collection maintained by David Kotz.