Inonymous: Anonymous Invitation-Based System

  • Sanaz Taheri BoshrooyehEmail author
  • Alptekin Küpçü
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10436)


In invitation-based systems, a user is allowed to join upon receipt of a certain number of invitations from the existing members. The system administrator approves the new membership if he authenticates the inviters and the invitations, knowing who is invited by whom. However, the inviter-invitee relationship is privacy-sensitive information and can be exploited for inference attacks: The invitee’s profile (e.g., political view or location) might leak through the inviters’ profiles. To cope with this problem, we propose Inonymous, an anonymous invitation-based system where the administrator and the existing members do not know who is invited by whom. We formally define and prove the inviter anonymity against honest but curious adversaries and the information theoretic unforgeability of invitations. Inonymous is efficiently scalable in the sense that once a user joins the system, he can immediately act as an inviter, without re-keying and imposing overhead on the existing members. We also present \({InonymouX} \), an anonymous cross-network invitation-based system where users join one network (e.g., Twitter) using invitations of members of another network (e.g., Facebook).


Invitation-based system Anonymity Unforgeability Cross-network invitation 



We acknowledge the support of the Royal Society of UK Newton Advanced Fellowship NA140464 and European Union COST Action IC1306.


  1. 1.
  2. 2.
    Bogdanov, D.: Foundations and properties of Shamir’s secret sharing scheme research seminar in cryptography. University of Tartu, Institute of Computer Science, 1 May 2007Google Scholar
  3. 3.
    Chaabane, A., Acs, G., Kaafar, M.A., et al.: You are what you like! information leakage through users interests. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS) (2012)Google Scholar
  4. 4.
    Gong, N.Z., Wang, D.: On the security of trustee-based social authentications. IEEE Trans. Inf. Forensics Secur. 9(8), 1251–1263 (2014)CrossRefGoogle Scholar
  5. 5.
    Gu, K., Jia, W., Chen, R., Liu, X.: Secure and efficient proxy signature scheme in the standard model. Chin. J. Electron. 22(4), 666–670 (2013)Google Scholar
  6. 6.
    Harn, L., Lin, C.: Authenticated group key transfer protocol based on secret sharing. IEEE Trans. Comput. 59(6), 842–846 (2010)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Kravitz, D.W.: Digital signature algorithm. US Patent 5,231,668, 27 July 1993Google Scholar
  8. 8.
    Mahmood, S.: Online social networks: privacy threats and defenses. In: Chbeir, R., Al Bouna, B. (eds.) Security and Privacy Preserving in Social Networks, pp. 47–71. Springer, Vienna (2013)CrossRefGoogle Scholar
  9. 9.
    Malar, G.P., Shyni, C.E.: Facebook’s trustee based social authenticationGoogle Scholar
  10. 10.
    Parameswari, S.M., Sukumaran, S.: Trustee based authentication mechanism for social network. Int. J. Latest Res. Sci. Technol. 4, 84–88 (2015)Google Scholar
  11. 11.
    Rao, F.-Y.: On the security of a variant of ELGamal encryption scheme. IEEE Trans. Dependable Secure Comput. (2017)Google Scholar
  12. 12.
    Roy, A., Karforma, S.: A survey on digital signatures and its applications. J. Comput. Inf. Technol. 3(1), 45–69 (2012)Google Scholar
  13. 13.
    Sharimila, K., Janaki, V., Nagaraju, A.: Enhanced user authentication techniques using the fourth factor “some body the user knows”. In: Proceedings of International Conference on Advances in Computer Science, AETACS. Elsevier (2013)Google Scholar
  14. 14.
    Yu, J., Kong, F., Cheng, X., Hao, R., Li, G.: One forward-secure signature scheme using bilinear maps and its applications. Inf. Sci. 279, 60–76 (2014)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Computer EngineeringKoç UniversityİstanbulTurkey

Personalised recommendations