Presentation is loading. Please wait.

Presentation is loading. Please wait.

TATA: Towards Anonymous Trusted Authentication May 2006 Daniele Quercia, Stephen Hailes, Licia Capra. CS department University College London

Similar presentations


Presentation on theme: "TATA: Towards Anonymous Trusted Authentication May 2006 Daniele Quercia, Stephen Hailes, Licia Capra. CS department University College London"— Presentation transcript:

1 TATA: Towards Anonymous Trusted Authentication May 2006 Daniele Quercia, Stephen Hailes, Licia Capra. CS department University College London iTrust 2006

2 Daniele Quercia iTrust 2006 TATA: Towards Anonymous Trusted Authentication 2 Outline How to avoid those attacks Authentication attacks Authentication supporting distributed trust management Help: Blind threshold signature Proposal: 2-protocol scheme How the scheme avoids the attacks

3 Daniele Quercia3 Authentication supporting distributed trust management Persistent IDs support cooperation A class of applications needs anonymous IDs Disposable and named IDs create attacks iTrust 2006 TATA: Towards Anonymous Trusted Authentication

4 Daniele Quercia4 Authentication attacks: General Privacy Breaching (interaction-realID associations) False Accusation Stolen pseudonyms (Mask) TATA: Towards Anonymous Trusted Authentication iTrust 2006

5 Daniele Quercia5 Authentication attacks: Sybil-like Against individuals Collusion for ballot-stuffing Collusion for bad mouthing Against groups Insider Outsider TATA: Towards Anonymous Trusted Authentication iTrust 2006

6 Daniele Quercia6 How to avoid those attacks AttackHow to avoid it Privacy BreachingAnonymous pseudonyms False accusationPublic keys as pseudonyms Stolen pseudonymsRevocation Sybil-likeUnique pseudonym TATA: Towards Anonymous Trusted Authentication iTrust 2006

7 Daniele Quercia7 Help: blind threshold signature A group of devices (at least t) sign Signature is blinded We need a protocol for certifying pseudonyms! TATA: Towards Anonymous Trusted Authentication iTrust 2006

8 Daniele Quercia8 Proposal: 2-protocol scheme Induction Protocol: A gets a new pseudonym (public key, signature) Authentication Protocol: A and B exchange and verify their pseudonyms TATA: Towards Anonymous Trusted Authentication iTrust 2006 reply Blinded Key Signature Group A

9 Daniele Quercia9 How the scheme avoids those attacks AttackHow … Privacy BreachingAnonymous pseudonym False accusationSigned Messages Stolen pseudonymsReveal & Run induction again Sybil-likeCertified Pseudonym TATA: Towards Anonymous Trusted Authentication iTrust 2006

10 Daniele Quercia10 Sum up Need: Unique and anonymous pseudonyms for distributed trust management Proposal: 2-protocol scheme Limitations: Collusion (more than t devices) Weak identification TATA: Towards Anonymous Trusted Authentication iTrust 2006


Download ppt "TATA: Towards Anonymous Trusted Authentication May 2006 Daniele Quercia, Stephen Hailes, Licia Capra. CS department University College London"

Similar presentations


Ads by Google