1 / 10

TATA: Towards Anonymous Trusted Authentication

Daniele Quercia, Stephen Hailes, Licia Capra. CS department University College London {d.quercia}@cs.ucl.ac.uk. TATA: Towards Anonymous Trusted Authentication. iTrust 2006. May 2006. Daniele Quercia. TATA: Towards Anonymous Trusted Authentication. Outline.

honora
Download Presentation

TATA: Towards Anonymous Trusted Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Daniele Quercia, • Stephen Hailes, • Licia Capra. • CS department • University College London • {d.quercia}@cs.ucl.ac.uk TATA: Towards Anonymous Trusted Authentication iTrust 2006 May 2006

  2. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Outline Authentication supporting distributed trust management Authentication attacks How to avoid those attacks Help: Blind threshold signature Proposal: 2-protocol scheme How the scheme avoids the attacks 2 iTrust 2006

  3. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Authentication supporting distributed trust management Persistent IDs support cooperation A class of applications needs anonymous IDs Disposable and named IDs create attacks 3 iTrust 2006

  4. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Authentication attacks: General Privacy Breaching (interaction-realID associations) False Accusation Stolen pseudonyms (Mask) 4 iTrust 2006

  5. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Authentication attacks: Sybil-like Against groups Insider Outsider Against individuals Collusion for ballot-stuffing Collusion for bad mouthing 5 iTrust 2006

  6. Daniele Quercia TATA: Towards Anonymous Trusted Authentication How to avoid those attacks 6 iTrust 2006

  7. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Help: blind threshold signature A group of devices (at least t) sign Signature is blinded We need a protocol for certifying pseudonyms! 7 iTrust 2006

  8. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Proposal: 2-protocol scheme Induction Protocol:A gets a new pseudonym (public key, signature) Group A reply Blinded Key Signature Authentication Protocol:A and B exchange and verify their pseudonyms 8 iTrust 2006

  9. Daniele Quercia TATA: Towards Anonymous Trusted Authentication How the scheme avoids those attacks 9 iTrust 2006

  10. Daniele Quercia TATA: Towards Anonymous Trusted Authentication Sum up Need: Unique and anonymous pseudonyms for distributed trust management Proposal: 2-protocol scheme Limitations: Collusion (more than t devices) Weak identification 10 iTrust 2006

More Related