Institutional Repository
| ExBLACR: Extending BLACR system | |
| Wang, Weijin (1); Feng, Dengguo (1); Qin, Yu (1); Shao, Jianxiong (1); Xi, Li (1); Chu, Xiaobo (1) | |
| 2014 | |
| Conference Name | 19th Australasian Conference on Information Security and Privacy, ACISP 2014 |
| Pages | 397-412 |
| Conference Date | July 7, 2014 - July 9, 2014 |
| Conference Place | Wollongong, NSW, Australia |
| Indexed Type | EI |
| Publish Place | Springer Verlag |
| ISSN | 3029743 |
| ISBN | 9783319083438 |
| Department | (1) Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing, China |
| English Abstract | Reputation-based anonymous blacklisting systems allow users to anonymously authenticate their identities with a service provider (SP) directly, while enabling the service provider to score users' misbehaviour and deny access from users with insufficient reputation, without the assistance of a Trusted Third Party (TTP). Au, Kapadia and Susilo's reputation-based anonymous blacklisting system BLACR is an elegant solution except for the linear computational overhead in the size of the reputation list. Therefore, they proposed a more practical strategy for BLACR that allows active users to authenticate in the express lane. However, the strategy disables BLACR's ability to perform unblacklisting since removing entries from the blacklist invalidates the reputation proofs of express lane tokens. Another problem of BLACR is that the express lane tokens can be reused (replay attack). In this paper, we propose ExBLACR, which provides a solution to the above problems. Our construction directly builds from BLACR and we present an improvement of weighted-score adjusting protocol () to support unblacklisting when BLACR employs the express lane authentication. We also make a minor change to the express lane tokens to resist replay attack. © 2014 Springer International Publishing Switzerland.; Reputation-based anonymous blacklisting systems allow users to anonymously authenticate their identities with a service provider (SP) directly, while enabling the service provider to score users' misbehaviour and deny access from users with insufficient reputation, without the assistance of a Trusted Third Party (TTP). Au, Kapadia and Susilo's reputation-based anonymous blacklisting system BLACR is an elegant solution except for the linear computational overhead in the size of the reputation list. Therefore, they proposed a more practical strategy for BLACR that allows active users to authenticate in the express lane. However, the strategy disables BLACR's ability to perform unblacklisting since removing entries from the blacklist invalidates the reputation proofs of express lane tokens. Another problem of BLACR is that the express lane tokens can be reused (replay attack). In this paper, we propose ExBLACR, which provides a solution to the above problems. Our construction directly builds from BLACR and we present an improvement of weighted-score adjusting protocol () to support unblacklisting when BLACR employs the express lane authentication. We also make a minor change to the express lane tokens to resist replay attack. © 2014 Springer International Publishing Switzerland. |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/16602 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Wang, Weijin ,Feng, Dengguo ,Qin, Yu ,et al. ExBLACR: Extending BLACR system[C]. Springer Verlag,2014:397-412. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment