×

ExBLACR: extending BLACR system. (English) Zbl 1337.94102

Susilo, Willy (ed.) et al., Information security and privacy. 19th Australasian conference, ACISP 2014, Wollongong, NSW, Australia, July 7–9, 2014. Proceedings. Berlin: Springer (ISBN 978-3-319-08343-8/pbk). Lecture Notes in Computer Science 8544, 397-412 (2014).
Summary: Reputation-based anonymous blacklisting systems allow users to anonymously authenticate their identities with a service provider (SP) directly, while enabling the service provider to score users’ misbehaviour and deny access from users with insufficient reputation, without the assistance of a Trusted Third Party (TTP). Au, Kapadia and Susilo’s reputation-based anonymous blacklisting system BLACR is an elegant solution except for the linear computational overhead in the size of the reputation list. Therefore, they proposed a more practical strategy for BLACR that allows active users to authenticate in the express lane. However, the strategy disables BLACR’s ability to perform unblacklisting since removing entries from the blacklist invalidates the reputation proofs of express lane tokens. Another problem of BLACR is that the express lane tokens can be reused (replay attack). In this paper, we propose ExBLACR, which provides a solution to the above problems. Our construction directly builds from BLACR and we present an improvement of weighted-score adjusting protocol (\(\mathfrak{G}_{WS-Adj}\)) to support unblacklisting when BLACR employs the express lane authentication. We also make a minor change to the express lane tokens to resist replay attack.
For the entire collection see [Zbl 1291.94003].

MSC:

94A62 Authentication, digital signatures and secret sharing
68P25 Data encryption (aspects in computer science)
PDFBibTeX XMLCite
Full Text: DOI