A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup
- Cite this paper as:
- Andersson C., Kohlweiss M., Martucci L.A., Panchenko A. (2008) A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup. In: Onieva J.A., Sauveron D., Chaumette S., Gollmann D., Markantonakis K. (eds) Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks. WISTP 2008. Lecture Notes in Computer Science, vol 5019. Springer, Berlin, Heidelberg
An attacker who can control arbitrarily many user identities can break the security properties of most conceivable systems. This is called a “Sybil attack”. We present a solution to this problem that does not require online communication with a trusted third party and that in addition preserves the privacy of honest users. Given an initial so-called Sybil-free identity domain, our proposal can be used for deriving Sybil-free unlinkable pseudonyms associated with other identity domains. The pseudonyms are self-certified and computed by the users themselves from their cryptographic long-term identities.