Publication Details

Au, M., Kapadia, A. & Susilo, W. (2012). BLACR: TTP-free blacklistable anonymous credentials with reputation. NDSS Symposium 2012: 19th Network & Distributed System Security Symposium (pp. 1-17). USA: Internet Society.


Anonymous authentication can give users the license to misbehave since there is no fear of retribution. As a deterrent, or means to revocation, various schemes for accountable anonymity feature some kind of (possibly distributed) trusted third party (TTP) with the power to identify or link misbehaving users. Recently, schemes such as BLAC and PEREA showed how anonymous revocation can be achieved without such TTPs—anonymous users can be revoked if they misbehave, and yet nobody can identify or link such users cryptographically. Despite being the state of the art in anonymous revocation, these schemes allow only a basic form of revocation amounting to ‘revoke anybody with d or more misbehaviors’ or ‘revoke anybody whose combined misbehavior score is too high’ (where misbehaviors are assigned a ‘severity’ score). We present BLACR, which significantly advances anonymous revocation in three ways: 1) It constitutes a first attempt to generalize reputation-based anonymous revocation, where negative or positive scores can be assigned to anonymous sessions across multiple categories. Servers can block users based on policies, which specify a boolean combination of reputations in these categories; 2) We present a weighted extension, which allows the total severity score to ramp up for multiple misbehaviors by the same user; and, 3) We make a significant improvement in authentication times through a technique we call express lane authentication, which makes reputation-based anonymous revocation practical.

Grant Number