Advertisement

TATA: Towards Anonymous Trusted Authentication

  • Daniele Quercia
  • Stephen Hailes
  • Licia Capra
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3986)

Abstract

Mobile devices may share resources even in the presence of untrustworthy devices. To do so, each device may use a computational model that on input of reputation information produces trust assessments. Based on such assessments, the device then decides with whom to share: it will likely end up sharing only with the most trustworthy devices, thus isolating the untrustworthy ones. All of this is, however, theoretical in the absence of a general and distributed authentication mechanism. Currently, distributed trust frameworks do not offer an authentication mechanism that supports user privacy, whilst being resistant to “Sybil attacks”. To fill the gap, we first analyze the general attack space that relates to anonymous authentication as it applies to distributed trust models. We then put forward a scheme that is based on blinded threshold signature: collections of devices certify pseudonyms without seeing them and without relying on a central authority. We finally discuss how the scheme tackles the authentication attacks.

Keywords

Security Requirement Authentication Protocol Central Authority Trust Management Sybil Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdul-Rahman, A., Hailes, S.: Supporting Trust in Virtual Communities. In: Proceedings of the 33rd IEEE Hawaii International Conference on System Sciences, Washington DC, USA, vol. 6, p. 6007 (2000)Google Scholar
  2. 2.
    Boneh, D., Franklin, M.: Efficient generation of shared RSA keys. Journal of the ACM 48(4), 702–722 (2001)MathSciNetCrossRefMATHGoogle Scholar
  3. 3.
    Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Bussard, L., Roudier, Y., Molva, R.: Untraceable Secret Credentials: Trust Establishment with Privacy. In: Proceedings of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops, Orlando, USA, p. 122 (March 2004)Google Scholar
  5. 5.
    Cahill, V., Gray, E., Seigneur, J.-M., Jensen, C., Chen, Y., Shand, B., Dimmock, N., Twigg, A., Bacon, J., English, C., Wagealla, W., Terzis, S., Nixon, P., Serugendo, G., Bryce, C., Carbone, M., Krukow, K., Nielsen, M.: Using Trust for Secure Collaboration in Uncertain Environments. IEEE Pervasive Computing Mobile and Ubiquitous Computing 2(3), 52–61 (2003)CrossRefGoogle Scholar
  6. 6.
    Carbone, M., Nielsen, M., Sassone, V.: A Formal Model for Trust in Dynamic Networks. In: Proceedings of the 1st International Conference on Software Engineering and Formal Methods, Brisbane, Australia, pp. 54–63. IEEE, Los Alamitos (2003)Google Scholar
  7. 7.
    Douceur, J.R.: The Sybil Attack. In: Proceedings of the 1st International Workshop on Peer-to-Peer Systems, Cambridge, U.S, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  8. 8.
    Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust and Efficient Sharing of RSA Functions. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 157–172. Springer, Heidelberg (1996)Google Scholar
  9. 9.
    Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The Eigentrust algorithm for reputation management in P2P networks. In: Proceedings of 12th Conference World Wide Web, Budapest, Hungary, pp. 640–651. ACM Press, New York (2003)Google Scholar
  10. 10.
    Liu, J., Issarny, V.: Enhanced Reputation Mechanism for Mobile Ad Hoc Networks. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 48–62. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Quercia, D., Hailes, S.: MATE: Mobility and Adaptation with Trust and Expected-utility. The International Journal of Internet Technology and Secured Transactions (to appear)Google Scholar
  12. 12.
    Quercia, D., Hailes, S.: Risk Aware Decision Framework for Trusted Mobile Interactions. In: Proceedings of the 1st IEEE/CreateNet International Workshop on The Value of Security through Collaboration, Athens, Greece (September 2005)Google Scholar
  13. 13.
    Quercia, D., Lad, M., Hailes, S., Capra, L., Bhatti, S.: STRUDEL: Supporting Trust in the Dynamic Establishment of peering coaLitions. In: Proceedings of the 21st ACM Symposium on Applied Computing, Dijon, France (April 2006)Google Scholar
  14. 14.
    Quercia, D., Hailes, S., Capra, L.: B-trust: Bayesian Trust Framework for Pervasive Computing. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds.) iTrust 2006. LNCS, vol. 3986, pp. 298–312. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Resnick, P.: The Social Cost of Cheap Pseudonyms. Journal of Economics and Management Strategy 10(2), 173–199 (2001)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Seigneur, J.-M., Jensen, C.D.: Trading Privacy for Trust. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 93–107. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Seigneur, J.-M., Gray, A., Jensen, C.D.: Trust Transfer: Encouraging Self-Recommendations without Sybil Attack. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 321–337. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Shoup, V.: Practical Threshold Signatures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 207–220. Springer, Heidelberg (2000)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Daniele Quercia
    • 1
  • Stephen Hailes
    • 1
  • Licia Capra
    • 1
  1. 1.Department of Computer ScienceUniversity College LondonLondonUK

Personalised recommendations