标题：Decentralized blacklistable anonymous credentials with reputation
作者：Yang, Rupeng ;Au, Man Ho ;Xu, Qiuliang ;Yu, Zuoxia
作者机构：[Yang, Rupeng ;Xu, Qiuliang ] School of Computer Science and Technology, Shandong University, Jinan; 250101, China;[Yang, Rupeng ;Au, Man Ho ;Yu, Zuox 更多
会议名称：23rd Australasian Conference on Information Security and Privacy, ACISP 2018
会议日期：11 July 2018 through 13 July 2018
来源：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
摘要：Blacklistable anonymous credential systems provide service providers with a way to authenticate users according to their historical behaviors, while guaranteeing that all users can access services in an anonymous and unlinkable manner, thus are potentially useful in practice. Traditionally, to protect services from illegal access, the credential issuer, which completes the registration with users, must be trusted by the service provider. However, in practice, this trust assumption is usually unsatisfied. In this paper, we solve this problem and present the decentralized blacklistable anonymous credential system with reputation (DBLACR), which inherits nearly all features of the BLACR system presented in Au et.al. (NDSS’12) but does not need a trusted party to register users. The new system also has extra advantages. In particular, it enables blacklist (historical behaviors) sharing among different service providers and is partially resilient to the blacklist gaming attack, where dishonest service providers attempt to compromise the privacy of users via generating blacklist maliciously. Technically, the main approach to achieve DBLACR system is a novel use of the blockchain technique, which serves as a public append-only ledger. The system can be instantiated from three different types of cryptographic systems, including the RSA system, the classical DL system, and the pairing based system. To demonstrate the practicability of our system, we also give a proof of concept implementation for the instantiation under the RSA system. The experiment results indicate that when authenticating with blacklists of reasonable size, our implementation can fulfill practical efficiency demands. © Springer International Publishing AG, part of Springer Nature 2018.