TATA: TATA: Towards Anonymous Trusted Towards Anonymous Trusted

AuthenticationAuthentication

May 2006

Daniele Quercia,

Stephen Hailes,

Licia Capra.

CS departmentUniversity College London{d.quercia}@cs.ucl.ac.uk

iTrust 2006

Daniele Quercia

iTrust 2006

TATA: Towards Anonymous Trusted Authentication

22

Outline

How to avoid those attacks

Authentication attacks

Authentication supporting distributed trust management

Help: Blind threshold signature

Proposal: 2-protocol scheme

How the scheme avoids the attacks

Daniele Quercia

33

Authentication supporting distributed trust management

Persistent IDs support cooperation

A class of applications needs anonymous IDs

Disposable and named IDs create attacks

iTrust 2006

TATA: Towards Anonymous Trusted Authentication

Daniele Quercia

44

Authentication attacks: General

Privacy Breaching (interaction-realID associations)

False Accusation

Stolen pseudonyms (Mask)

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

Daniele Quercia

55

Authentication attacks: Sybil-like

Against individuals

Collusion for ballot-stuffing

Collusion for bad mouthing

Against groups

Insider

Outsider

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

Daniele Quercia

66

How to avoid those attacks

Attack How to avoid it

Privacy Breaching Anonymous pseudonyms

False accusation Public keys as pseudonyms

Stolen pseudonyms Revocation

Sybil-like Unique pseudonym

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

Daniele Quercia

77

Help: blind threshold signature

A group of devices (at least t) sign

Signature is blinded

We need a protocol for certifying pseudonyms!

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

Daniele Quercia

88

Proposal: 2-protocol scheme

Induction Protocol: A gets a new pseudonym (public key, signature)

Authentication Protocol: A and B exchange and verify their pseudonyms

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

reply

Blinded Key

Signature

GroupA

Daniele Quercia

99

How the scheme avoids those attacks

Attack How …

Privacy Breaching Anonymous pseudonym

False accusation Signed Messages

Stolen pseudonyms Reveal & Run induction again

Sybil-like Certified Pseudonym

TATA: Towards Anonymous Trusted Authentication

iTrust 2006

Daniele Quercia

1010

Sum up

Need: Unique and anonymous pseudonyms for distributed trust management

Proposal: 2-protocol scheme

Limitations:

Collusion (more than t devices)

Weak identification

TATA: Towards Anonymous Trusted Authentication

iTrust 2006