Skip to main content
SpringerLink
Log in

Anonymous Webs of Trust

  • Conference paper
Privacy Enhancing Technologies (PETS 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6205))

Included in the following conference series:

Abstract

Webs of trust constitute a decentralized infrastructure for establishing the authenticity of the binding between public keys and users and, more generally, trust relationships among users. This paper introduces the concept of anonymous webs of trust – an extension of webs of trust where users can authenticate messages and determine each other’s trust level without compromising their anonymity. Our framework comprises a novel cryptographic protocol based on zero-knowledge proofs, a symbolic abstraction and formal verification of our protocol, and a prototypical implementation based on the OpenPGP standard. The framework is capable of dealing with various core and optional features of common webs of trust, such as key attributes, key expiration dates, existence of multiple certificate chains, and trust measures between different users.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. In: Honsell, F., Miculan, M. (eds.) FOSSACS 2001. LNCS, vol. 2030, pp. 25–41. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Abadi, M., Blanchet, B., Fournet, C.: Automated verification of selected equivalences for security protocols. In: LICS 2005, pp. 331–340. IEEE, Los Alamitos (2005)

    Google Scholar 

  3. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL 2001, pp. 104–115. ACM, New York (2001)

    Google Scholar 

  4. Ashri, R., Ramchurn, S.D., Sabater, J., Luck, M., Jennings, N.R.: Trust evaluation through relationship analysis. In: AAMAS 2005, pp. 1005–1011. ACM, New York (2005)

    Google Scholar 

  5. Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  6. Backes, M., Lorenz, S., Maffei, M., Pecina, K.: Anonymous webs of trust (tool and long version) (2010), http://www.lbs.cs.uni-sb.de/awot/

  7. Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: SSP 2008, pp. 202–215. IEEE, Los Alamitos (2008)

    Google Scholar 

  8. Backes, M., Unruh, D.: Computational soundness of symbolic zero-knowledge proofs against active attackers. In: CSF 2008, pp. 255–269. IEEE, Los Alamitos (2008)

    Google Scholar 

  9. Belenkiy, M., Camenisch, J., Chase, M., Kohlweiss, M., Lysyanskaya, A., Shacham, H.: Randomizable proofs and delegatable anonymous credentials. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 108–125. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  10. Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: The case of dynamic groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, Springer, Heidelberg (2005)

    Google Scholar 

  11. Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: CSFW 2001, pp. 82–96. IEEE, Los Alamitos (2001)

    Google Scholar 

  12. Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Callas, J., Donnerhacke, L., Finney, H., Shaw, D., Thayer, R.: OpenPGP message format. In: Request for Comments. IETF, vol. 4880 (2007)

    Google Scholar 

  14. Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Camenisch, J., Michels, M.: Proving in zero-knowledge that a number is the product of two safe primes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 107–122. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  16. Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  17. Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for social networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4278, pp. 1734–1744. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  18. Caronni, G.: Walking the web of trust. In: WETICE 2000, pp. 153–158. IEEE, Los Alamitos (2000)

    Google Scholar 

  19. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  20. Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)

    Google Scholar 

  21. Domingo-Ferrer, J., Viejo, A., Sebé, F., González-Nicolás, U.: Privacy homomorphisms for social networks with private relationships. Computer Networks 52(15), 3007–3016 (2008)

    Article  MATH  Google Scholar 

  22. Domingo-Ferror, J.: A public-key protocol for social networks with private relationships. In: Torra, V., Narukawa, Y., Yoshida, Y. (eds.) MDAI 2007. LNCS (LNAI), vol. 4617, pp. 373–379. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  23. facebook, http://www.facebook.com/

  24. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Chapter  Google Scholar 

  25. Frikken, K., Srinivas, P.: Key allocation schemes for private social networks. In: WPES 2009, pp. 11–20. ACM, New York (2009)

    Google Scholar 

  26. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  27. Gentry, C., Silverberg, A.: Hierarchical id-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, Cambridge (2001)

    Google Scholar 

  29. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM 38(3), 690–728 (1991)

    Article  MathSciNet  MATH  Google Scholar 

  30. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM Journal on Computing 18(1), 186–208 (1989)

    Article  MathSciNet  MATH  Google Scholar 

  31. Herranz, J.: Identity-based ring signatures from rsa. Theoretical Computer Science 389(1-2), 100–117 (2007)

    Article  MathSciNet  MATH  Google Scholar 

  32. Cottrell, L., Cypher, P., Finney, H., Goldberg, I., Laurie, B., Plumb, C., or Young, E.: Signing as one member of a set of keys, http://www.abditum.com/ringsig/

  33. Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)

    Google Scholar 

  34. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. Communications of the ACM 22(22), 612–613 (2001)

    MATH  Google Scholar 

  35. Sabater-Mir, J.: Towards the next generation of computational trust and reputation models. In: Torra, V., Narukawa, Y., Valls, A., Domingo-Ferrer, J. (eds.) MDAI 2006. LNCS (LNAI), vol. 3885, pp. 19–21. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  36. Scott, M.: Multiprecision Integer and Rational Arithmetic C/C++ Library, http://www.shamus.ie/

  37. Song, D.X.: Practical forward secure group signature schemes. In: CCS 2001, pp. 225–234. ACM, New York (2001)

    Google Scholar 

  38. The GNU Privacy Guard Team. GnuPG, http://www.gnupg.org/

  39. The GNU Privacy Guard Team. The GNU Privacy Handbook, http://www.gnupg.org/gph/en/manual.pdf

  40. Tootoonchian, A., Saroiu, S., Ganjali, Y., Wolman, A.: Lockr: better privacy for social networks. In: CoNEXT 2009, pp. 169–180. ACM, New York (2009)

    Google Scholar 

  41. Wang, D.-W., Liau, C.-J., Hsu, T.-S.: Privacy protection in social network data disclosure based on granular computing. In: Fuzzy 2006, pp. 997–1003. IEEE, Los Alamitos (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Saarland University, Saarbrücken, Germany

    Michael Backes, Stefan Lorenz, Matteo Maffei & Kim Pecina

  2. Max Planck Institute for Software Systems (MPI-SWS), Germany

    Michael Backes

Authors
  1. Michael Backes
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stefan Lorenz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Matteo Maffei
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kim Pecina
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Purdue University, 305 North University Street, IN 47907, 2107, West Lafayete, USA

    Mikhail J. Atallah

  2. Department of Computer Science & Engineering, University of Minnesota, MN 55455, Minneapolis, USA

    Nicholas J. Hopper

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Backes, M., Lorenz, S., Maffei, M., Pecina, K. (2010). Anonymous Webs of Trust. In: Atallah, M.J., Hopper, N.J. (eds) Privacy Enhancing Technologies. PETS 2010. Lecture Notes in Computer Science, vol 6205. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14527-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14527-8_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14526-1

  • Online ISBN: 978-3-642-14527-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation