Abstract
In invitation-based systems, a user is allowed to join upon receipt of a certain number of invitations from the existing members. The system administrator approves the new membership if he authenticates the inviters and the invitations, knowing who is invited by whom. However, the inviter-invitee relationship is privacy-sensitive information and can be exploited for inference attacks: The invitee’s profile (e.g., political view or location) might leak through the inviters’ profiles. To cope with this problem, we propose Inonymous, an anonymous invitation-based system where the administrator and the existing members do not know who is invited by whom. We formally define and prove the inviter anonymity against honest but curious adversaries and the information theoretic unforgeability of invitations. Inonymous is efficiently scalable in the sense that once a user joins the system, he can immediately act as an inviter, without re-keying and imposing overhead on the existing members. We also present \({InonymouX} \), an anonymous cross-network invitation-based system where users join one network (e.g., Twitter) using invitations of members of another network (e.g., Facebook).
This is a preview of subscription content, log in via an institution.
References
Bogdanov, D.: Foundations and properties of Shamir’s secret sharing scheme research seminar in cryptography. University of Tartu, Institute of Computer Science, 1 May 2007
Chaabane, A., Acs, G., Kaafar, M.A., et al.: You are what you like! information leakage through users interests. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS) (2012)
Gong, N.Z., Wang, D.: On the security of trustee-based social authentications. IEEE Trans. Inf. Forensics Secur. 9(8), 1251–1263 (2014)
Gu, K., Jia, W., Chen, R., Liu, X.: Secure and efficient proxy signature scheme in the standard model. Chin. J. Electron. 22(4), 666–670 (2013)
Harn, L., Lin, C.: Authenticated group key transfer protocol based on secret sharing. IEEE Trans. Comput. 59(6), 842–846 (2010)
Kravitz, D.W.: Digital signature algorithm. US Patent 5,231,668, 27 July 1993
Mahmood, S.: Online social networks: privacy threats and defenses. In: Chbeir, R., Al Bouna, B. (eds.) Security and Privacy Preserving in Social Networks, pp. 47–71. Springer, Vienna (2013)
Malar, G.P., Shyni, C.E.: Facebook’s trustee based social authentication
Parameswari, S.M., Sukumaran, S.: Trustee based authentication mechanism for social network. Int. J. Latest Res. Sci. Technol. 4, 84–88 (2015)
Rao, F.-Y.: On the security of a variant of ELGamal encryption scheme. IEEE Trans. Dependable Secure Comput. (2017)
Roy, A., Karforma, S.: A survey on digital signatures and its applications. J. Comput. Inf. Technol. 3(1), 45–69 (2012)
Sharimila, K., Janaki, V., Nagaraju, A.: Enhanced user authentication techniques using the fourth factor “some body the user knows”. In: Proceedings of International Conference on Advances in Computer Science, AETACS. Elsevier (2013)
Yu, J., Kong, F., Cheng, X., Hao, R., Li, G.: One forward-secure signature scheme using bilinear maps and its applications. Inf. Sci. 279, 60–76 (2014)
Acknowledgements
We acknowledge the support of the Royal Society of UK Newton Advanced Fellowship NA140464 and European Union COST Action IC1306.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Boshrooyeh, S.T., Küpçü, A. (2017). Inonymous: Anonymous Invitation-Based System. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2017 2017. Lecture Notes in Computer Science(), vol 10436. Springer, Cham. https://doi.org/10.1007/978-3-319-67816-0_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-67816-0_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67815-3
Online ISBN: 978-3-319-67816-0
eBook Packages: Computer ScienceComputer Science (R0)