Document Type
Technical Report
Publication Date
9-30-2007
Technical Report Number
TR2007-601
Abstract
Several credential systems have been proposed in which users can authenticate to services anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability of the TTP to revoke a user's privacy at any time, however, is too strong a punishment for misbehavior. To limit the scope of deanonymization, systems such as ``e-cash'' have been proposed in which users are deanonymized under only certain types of well-defined misbehavior such as ``double spending.'' While useful in some applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior. We present the first anonymous credential system in which services can ``blacklist'' misbehaving users without contacting a TTP. Since blacklisted users remain anonymous, misbehaviors can be judged subjectively without users fearing arbitrary deanonymization by a TTP.
Dartmouth Digital Commons Citation
Tsang, Patrick P.; Au, Man Ho; Kapadia, Apu; and Smith, Sean W., "Blacklistable Anonymous Credentials: Blocking Misbehaving Users without TTPs (Extended Version)" (2007). Computer Science Technical Report TR2007-601. https://digitalcommons.dartmouth.edu/cs_tr/302
Comments
This technical report is the extended version of the paper to appear in CCS '07 under the same title.