A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup

  • Christer Andersson
  • Markulf Kohlweiss
  • Leonardo A. Martucci
  • Andriy Panchenko
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5019)


An attacker who can control arbitrarily many user identities can break the security properties of most conceivable systems. This is called a “Sybil attack”. We present a solution to this problem that does not require online communication with a trusted third party and that in addition preserves the privacy of honest users. Given an initial so-called Sybil-free identity domain, our proposal can be used for deriving Sybil-free unlinkable pseudonyms associated with other identity domains. The pseudonyms are self-certified and computed by the users themselves from their cryptographic long-term identities.


Signature Scheme Admission Control Trusted Third Party Identity Domain Sybil Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Andersson, C., Camenisch, J., Crane, S., Fischer-Hübner, S., Leenes, R., Pearson, S., Pettersson, J.S., Sommer, D.: Trust in PRIME. In: Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, pp. 552–559 (2005)Google Scholar
  2. 2.
    Anonymous Authors. Anonymized title. In: Proceedings of Anonymized Conference (2008)Google Scholar
  3. 3.
    Bangerter, E., Camenisch, J., Maurer, U.M.: Efficient Proofs of Knowledge of Discrete Logarithms and Representations in Groups with Hidden Order. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 154–171. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Bhargav-Spantzel, A., Camenisch, J., Gross, T., Sommer, D.: User centricity: a taxonomy and open issues. In: DIM 2006: Proceedings of the second ACM workshop on Digital identity management, pp. 1–10. ACM Press, New York (2006)CrossRefGoogle Scholar
  5. 5.
    Borcea-Pfitzmann, K., Franz, E., Pfitzmann, A.: Usable presentation of secure pseudonyms. In: DIM 2005: Proceedings of the 2005 workshop on Digital identity management, pp. 70–76. ACM Press, New York (2005)CrossRefGoogle Scholar
  6. 6.
    Boudot, F.: Efficient Proofs that a Committed Number Lies in an Interval. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 431–444. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Brands, S.: Rapid Demonstration of Linear Relations Connected by Boolean Operators. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 318–333. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  8. 8.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 132–145. ACM Press, New York (2004)Google Scholar
  9. 9.
    Camenisch, J., Hohenberger, S., Kohlweiss, M., Lysyanskaya, A., Meyerovich, M.: How to win the clone wars: Efficient periodic n-times anonymous authentication. In: ACM Conference on Computer and Communications Security, ACM, New York (2006)Google Scholar
  10. 10.
    Camenisch, J., Hohenberger, S., Lysyanskaya, A.: Compact E-Cash. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 302–321. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Camenisch, J., Stadler, M.: Proof systems for general statements about discrete logarithms. Technical Report TR 260, Institute for Theoretical Computer Science, ETH Zürich (March 1997)Google Scholar
  15. 15.
    Damgård, I., Dupont, K., Pedersen, M.Ø.: Unclonable group identification. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 555–572. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Dodis, Y., Yampolskiy, A.: A Verifiable Random Function with Short Proofs and Keys. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 416–431. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  19. 19.
    Franz, E., Borcea-Pfitzmann, K.: Intra-application partitioning in an elearning environment - a discussion of critical aspects. In: ARES ’06: Proceedings of the First International Conference on Availability, Reliability and Security (ARES 2006), Washington, DC, USA, pp. 872–878. IEEE Computer Society, Los Alamitos (2006)Google Scholar
  20. 20.
    Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  21. 21.
    Kim, Y., Mazzocchi, D., Tsudik, G.: Admission control in peer groups. In: NCA, pp. 131–139. IEEE Computer Society, Los Alamitos (2003)Google Scholar
  22. 22.
    Kunz-Jacques, S., Martinet, G., Poupard, G., Stern, J.: Cryptanalysis of an efficient proof of knowledge of discrete logarithm. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 27–43. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  23. 23.
    Levine, B.N., Shields, C., Margolin, N.B.: A survey of solutions to the sybil attack. Tech report 2006-052, University of Massachusetts Amherst, Amherst, MA (October 2006)Google Scholar
  24. 24.
    Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) Crypto 1992. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  25. 25.
    Saxena, N., Tsudik, G., Yi, J.H.: Admission control in peer-to-peer: design and performance evaluation. In: Setia, S., Swarup, V. (eds.) SASN, pp. 104–113. ACM, New York (2003)CrossRefGoogle Scholar
  26. 26.
    Saxena, N., Tsudik, G., Yi, J.H.: Efficient node admission for short-lived mobile ad hoc networks. In: ICNP, pp. 269–278. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  27. 27.
    Schnorr, C.P.: Efficient signature generation for smart cards. Journal of Cryptology 4(3), 239–252 (1991)CrossRefzbMATHGoogle Scholar
  28. 28.
    Teranishi, I., Furukawa, J., Sako, K.: k-times anonymous authentication (extended abstract). In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  29. 29.
    Yu, H., Kaminsky, M., Gibbons, P.B., Flaxman, A.: SybilGuard: defending against sybil attacks via social networks. In: SIGCOMM 2006, pp. 267–278. ACM Press, New York (2006)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Christer Andersson
    • 1
  • Markulf Kohlweiss
    • 2
  • Leonardo A. Martucci
    • 1
  • Andriy Panchenko
    • 3
  1. 1.Department of Computer ScienceKarlstads UniversitetKarlstadSweden
  2. 2.ESAT/COSICKatholieke Universiteit LeuvenLeuven-HeverleeBelgium
  3. 3.Department of Computer ScienceRWTH Aachen UniversityAachenGermany

Personalised recommendations