Abstract
Mobile devices may share resources even in the presence of untrustworthy devices. To do so, each device may use a computational model that on input of reputation information produces trust assessments. Based on such assessments, the device then decides with whom to share: it will likely end up sharing only with the most trustworthy devices, thus isolating the untrustworthy ones. All of this is, however, theoretical in the absence of a general and distributed authentication mechanism. Currently, distributed trust frameworks do not offer an authentication mechanism that supports user privacy, whilst being resistant to “Sybil attacks”. To fill the gap, we first analyze the general attack space that relates to anonymous authentication as it applies to distributed trust models. We then put forward a scheme that is based on blinded threshold signature: collections of devices certify pseudonyms without seeing them and without relying on a central authority. We finally discuss how the scheme tackles the authentication attacks.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Abdul-Rahman, A., Hailes, S.: Supporting Trust in Virtual Communities. In: Proceedings of the 33rd IEEE Hawaii International Conference on System Sciences, Washington DC, USA, vol. 6, p. 6007 (2000)
Boneh, D., Franklin, M.: Efficient generation of shared RSA keys. Journal of the ACM 48(4), 702–722 (2001)
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Bussard, L., Roudier, Y., Molva, R.: Untraceable Secret Credentials: Trust Establishment with Privacy. In: Proceedings of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops, Orlando, USA, p. 122 (March 2004)
Cahill, V., Gray, E., Seigneur, J.-M., Jensen, C., Chen, Y., Shand, B., Dimmock, N., Twigg, A., Bacon, J., English, C., Wagealla, W., Terzis, S., Nixon, P., Serugendo, G., Bryce, C., Carbone, M., Krukow, K., Nielsen, M.: Using Trust for Secure Collaboration in Uncertain Environments. IEEE Pervasive Computing Mobile and Ubiquitous Computing 2(3), 52–61 (2003)
Carbone, M., Nielsen, M., Sassone, V.: A Formal Model for Trust in Dynamic Networks. In: Proceedings of the 1st International Conference on Software Engineering and Formal Methods, Brisbane, Australia, pp. 54–63. IEEE, Los Alamitos (2003)
Douceur, J.R.: The Sybil Attack. In: Proceedings of the 1st International Workshop on Peer-to-Peer Systems, Cambridge, U.S, pp. 251–260. Springer, Heidelberg (2002)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust and Efficient Sharing of RSA Functions. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 157–172. Springer, Heidelberg (1996)
Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The Eigentrust algorithm for reputation management in P2P networks. In: Proceedings of 12th Conference World Wide Web, Budapest, Hungary, pp. 640–651. ACM Press, New York (2003)
Liu, J., Issarny, V.: Enhanced Reputation Mechanism for Mobile Ad Hoc Networks. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 48–62. Springer, Heidelberg (2004)
Quercia, D., Hailes, S.: MATE: Mobility and Adaptation with Trust and Expected-utility. The International Journal of Internet Technology and Secured Transactions (to appear)
Quercia, D., Hailes, S.: Risk Aware Decision Framework for Trusted Mobile Interactions. In: Proceedings of the 1st IEEE/CreateNet International Workshop on The Value of Security through Collaboration, Athens, Greece (September 2005)
Quercia, D., Lad, M., Hailes, S., Capra, L., Bhatti, S.: STRUDEL: Supporting Trust in the Dynamic Establishment of peering coaLitions. In: Proceedings of the 21st ACM Symposium on Applied Computing, Dijon, France (April 2006)
Quercia, D., Hailes, S., Capra, L.: B-trust: Bayesian Trust Framework for Pervasive Computing. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds.) iTrust 2006. LNCS, vol. 3986, pp. 298–312. Springer, Heidelberg (2006)
Resnick, P.: The Social Cost of Cheap Pseudonyms. Journal of Economics and Management Strategy 10(2), 173–199 (2001)
Seigneur, J.-M., Jensen, C.D.: Trading Privacy for Trust. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 93–107. Springer, Heidelberg (2004)
Seigneur, J.-M., Gray, A., Jensen, C.D.: Trust Transfer: Encouraging Self-Recommendations without Sybil Attack. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 321–337. Springer, Heidelberg (2005)
Shoup, V.: Practical Threshold Signatures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 207–220. Springer, Heidelberg (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Quercia, D., Hailes, S., Capra, L. (2006). TATA: Towards Anonymous Trusted Authentication. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds) Trust Management. iTrust 2006. Lecture Notes in Computer Science, vol 3986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11755593_23
Download citation
DOI: https://doi.org/10.1007/11755593_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34295-3
Online ISBN: 978-3-540-34297-7
eBook Packages: Computer ScienceComputer Science (R0)