A Self-certified and Sybil-Free Framework for Secure Digital Identity Domain Buildup [chapter]

Christer Andersson, Markulf Kohlweiss, Leonardo A. Martucci, Andriy Panchenko
2008 Lecture Notes in Computer Science  
An attacker who can control arbitrarily many user identities can break the security properties of most conceivable systems. This is called a "Sybil attack". We present a solution to this problem that does not require online communication with a trusted third party and that in addition preserves the privacy of honest users. Given an initial so-called Sybil-free identity domain, our proposal can be used for deriving Sybil-free unlinkable pseudonyms associated with other identity domains. The
... nyms are self-certified and computed by the users themselves from their cryptographic long-term identities. 2 is known under a different and unique pseudonym, and further there is no need for the continuous involvement of a Trusted Third Party (TTP). Access to a Certificate Authority (CA) is required only for the bootstrapping of a Sybil-free domain. We call our solution self-certified Sybil-free pseudonyms. These pseudonyms do not depend on the continuous availability of a TTP, and they are fully unlinkable. This is achieved using a self-certification mechanism: self-certified Sybil-free pseudonyms use concepts such as anonymous credentials and group signatures to enable the generation of an arbitrary number of anonymous certificates, but only one certificate per identity domain and user identity. Access to the CA is required only for acquiring the membership certificate from which the self-certified pseudonyms are derived. Our solution can be seen as a framework that enables privacy-enhanced and Sybil-resistant buildup of user groups. We use periodic n-times spendable e-tokens [9] as a base for the instantiation, although there are also other cryptographic primitives that can be used to create such pseudonyms.
doi:10.1007/978-3-540-79966-5_5 fatcat:k4q4eh772vap7gcj2rlxh73rc4