+ All Categories
Home > Documents > Blacklisting and blocking anonymous credential users

Blacklisting and blocking anonymous credential users

Date post: 11-Nov-2014
Category:
Upload: iaeme
View: 807 times
Download: 1 times
Share this document with a friend
Description:
 
Popular Tags:
13
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME 41 BLACKLISTING AND BLOCKING ANONYMOUS CREDENTIAL USERS 1 H.Jayasree, Assoc. Prof, Dept. of IT , ATRI, Uppal, Hyderabad.[email protected] 2 Dr. A.Damodaram, Prof. of CSE Dept & Director – Academic Audit Cell, JNTUH, Hyderabad. [email protected] ABSTRACT Anonymous credential systems provide a mechanism for the users to authenticate themselves anonymously. Since the transactions are inherently anonymous, some users try to misbehave by taking advantage of their anonymity. So there is a necessity to formulate some method to stop such users from misbehaving. Also in order to increase the security at the users end we include an additional entity, the trustee that the user trusts. KEYWORDS Initiator(user), CA (certification authority), responder/verifier(website owner),SSL (Secure socket layer), SHA- 1( secure hash algorithm). 1 INTRODUCTION Credential systems allow subjects to prove possession of attributes to interested parties. In a sound credential system subject’s first need to obtain a structure termed a credential from an entity termed the credential issuer. The issuer encodes some well-defined set of attributes together with their values into the credential which is then passed on, or `granted', to the subject. Only after having gone through this process can the subject prove possession of those attributes that are encoded in the credential. During this latter process, the interested party is said to `verify the credential' and is therefore called a verifier. Subjects are typically human users, issuers are typically well-known organisations with authority over the attributes they encode into the credentials they issue, and verifiers typically are service providers that perform attribute based access control. An example of a credential system is a Public Key Infrastructure (PKI). In a PKI, credentials are public key certificates that bind together subject attributes such as subject name, public key, its issue and expiry dates, and INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 3, Issue 3, October - December (2012), pp. 41-53 © IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2012): 3.9580 (Calculated by GISI) www.jifactor.com IJCET © I A E M E
Transcript
Page 1: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

41

BLACKLISTING AND BLOCKING ANONYMOUS CREDENTIAL USERS

1H.Jayasree, Assoc. Prof, Dept. of IT , ATRI, Uppal,

[email protected] 2Dr. A.Damodaram, Prof. of CSE Dept & Director – Academic Audit Cell,

JNTUH, Hyderabad. [email protected]

ABSTRACT

Anonymous credential systems provide a mechanism for the users to authenticate themselves

anonymously. Since the transactions are inherently anonymous, some users try to misbehave by taking

advantage of their anonymity. So there is a necessity to formulate some method to stop such users from

misbehaving. Also in order to increase the security at the users end we include an additional entity, the trustee

that the user trusts.

KEYWORDS

Initiator(user), CA (certification authority), responder/verifier(website owner),SSL (Secure socket layer), SHA-

1( secure hash algorithm).

1 INTRODUCTION

Credential systems allow subjects to prove possession of attributes to interested parties. In a sound credential

system subject’s first need to obtain a structure termed a credential from an entity termed the credential issuer.

The issuer encodes some well-defined set of attributes together with their values into the credential which is

then passed on, or `granted', to the subject. Only after having gone through this process can the subject prove

possession of those attributes that are encoded in the credential. During this latter process, the interested party is

said to `verify the credential' and is therefore called a verifier. Subjects are typically human users, issuers are

typically well-known organisations with authority over the attributes they encode into the credentials they issue,

and verifiers typically are service providers that perform attribute based access control.

An example of a credential system is a Public Key Infrastructure (PKI). In a PKI, credentials are public key

certificates that bind together subject attributes such as subject name, public key, its issue and expiry dates, and

INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING &

TECHNOLOGY (IJCET)

ISSN 0976 – 6367(Print)

ISSN 0976 – 6375(Online)

Volume 3, Issue 3, October - December (2012), pp. 41-53

© IAEME: www.iaeme.com/ijcet.asp

Journal Impact Factor (2012): 3.9580 (Calculated by GISI)

www.jifactor.com

IJCET

© I A E M E

Page 2: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

42

so on. The credential issuer is the Certification Authority (CA); it grants public key certificates according to

some subject registration procedure. Finally, credential verifiers are the entities within the PKI that accept the

certificates issued by the CA. In conventional credential systems (e.g. a PKI), issuers and verifiers identify any

given subject by a system-wide identifier. This has a potentially severe impact on the subject's privacy, as it

enables issuers and verifiers to combine their knowledge about the subject. Indeed, they can construct

individual transaction histories for all the subjects in the system, simply by correlating credential related events

using these identifiers.

Over the last 20 years, a significant amount of research has been performed on credential systems that try to

address the privacy issue. In an anonymous credential system, subjects establish a different identifier with each

issuer and verifier they wish to interact with, where we assume throughout that these pseudonyms cannot be

connected to the subject's true identity. These identifiers, termed the subject's pseudonyms, are unlinkable, i.e.

they do not possess any connection with one another. This means that it is infeasible, for colluding issuers and

verifiers, to decide with certainty whether or not any given pair of pseudonyms belongs to the same subject1.

While a subject obtains a credential under the pseudonym that was established with the issuer, proof of its

possession2 takes place under the pseudonym established with the verifier. Of course, in order for the system to

remain sound, subjects should only be able to successfully prove possession of credentials that they were indeed

issued by some legitimate issuer.

A number of anonymous credential systems have been proposed in the literature, each with its own particular

set of entities, underlying problems, assumptions and properties. This section presents the model of anonymous

credential systems on which the rest of the paper is based. It is intended to be as general as possible, in order to

be consistent with the majority of existing schemes.

1) Proving possession of a credential amounts to proving possession of the attributes that are encoded within the

credential. We refer to this process also as the showing of a credential.

2) We consider an anonymous credential system to involve four types of player: subjects, issuers and verifiers,

trustee. It is assumed that subjects establish at least one pseudonym with each organisation with which they

wish to interact.

These pseudonyms are assumed to be indistinguishable, meaning that they do not bear any connection to the

identity of the subject they belong to.We further assume that pseudonyms are unlinkable, i.e. two pseudonyms

for the same subject cannot be linked to each other. Subjects may obtain credentials, i.e. structures that encode a

well defined, finite set of attributes together with their values, from issuers. They may subsequently show those

credentials to verifiers, i.e. convince them that they possess (possibly a subset of) the encoded attributes. A

credential is issued under a pseudonym that the subject has established with its issuer, and it is shown under the

pseudonym that the subject has established with the relevant verifier.

It is assumed that the anonymous credential system is sound. This means that it offers pseudonym owner

protection, i.e. that only the subject that established a given pseudonym can show credentials under it.

Soundness also implies credential unforgeability; the only way that subjects may prove possession of a

credential is by having obtained it previously from a legitimate issuer. In some applications, it is required that

the system offers the stronger property of credential non-transferability. This property guarantees that no

Page 3: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

43

subject can prove possession of a credential that it has not been issued, even if the subject colludes with other

subject(s) that may have (legitimately) obtained such a credential. In other words, a system that offers non-

transferability prohibits credential sharing, whereas a system that offers only unforgeability, does not. We

require that credentials are bound to the subject to which they have been issued. We therefore assume that either

the system offers non-transferability or that in practice subjects do not share their credentials. It is assumed

further that the system properly protects privacy in that a subject's transactions with organisations do not

compromise the unlinkability of its pseudonyms.

1.1 BASIC TERMINOLOGY

We mention below some basic terminology.

ANONYMITY: To enable the anonymity of a subject, there always has to be an appropriate set of subjects

with potentially the same attributes. Anonymity is thus defined as the state of being not identifiable within a set

of subjects, the anonymity set.

UNLINKABLITY: The [ISO15408 1999] defines unlinkability as follows: "[Unlinkability] ensures that a user

may make multiple uses of resources or services without others being able to link these uses together. [...]

Unlinkability requires that users and/or subjects are unable to determine whether the same user caused certain

specific operations in the system."

PSEUDONYMITY: Pseudonyms are identifiers of subjects. We can generalize pseudonyms to be identifiers of

sets of subjects. The subject whom the pseudonym refers to is the holder of the pseudonym. Being

pseudonymous is the state of using a pseudonym as ID. We assume that each pseudonym refers to exactly one

holder, invariant over time, being not transferred to other subjects. Pseudonymity is the use of pseudonyms as

IDs. An advantage of pseudonymity technologies is that accountability for misbehaviour can be enforced. Also,

persistent pseudonyms allow their owners to build a pseudonymous reputation over time.

BLACKLISTING: Several credential systems have been proposed in which users can authenticate to services

anonymously. Since anonymity can give users the license to misbehave, some variants allow the selective

deanonymization (or linking) of misbehaving users upon a complaint to a trusted third party (TTP). The ability

of the TTP to revoke a user’s privacy at any time, however, is too strong a punishment for misbehavior. To limit

the scope of deanonymization, systems such as “e-cash” have been proposed in which users are deanonymized

under only certain types of well-defined misbehavior such as “double spending.” While useful in some

applications, it is not possible to generalize such techniques to more subjective definitions of misbehavior.

CERTIFICATION AUTHORITY (CA): It is a third party organization that the user as well as the responder

trusts. He issues the certificate for the user. This certificate ensures the responder that the user is a valid person.

Hence the responder allows the user to be anonymous in his transactions.

TRUSTEE: Trustee can be any person or a third party organization that the user trusts. The trustee first ensures

that the user is valid by asking for necessary credentials. If satisfied, the trustee assigns a pseudo name to the

user. He then contacts the certification authority and requests for a certificate on behalf of the user.

Page 4: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

44

There are three main entities involved: (1) the initiator (2) the digital analyst (3) responder. Initially the initiator

generates a list of credentials and sends them to the digital analyst revealing only those credentials that are

enough to prove that he is authentic. After authenticating the initiator, the digital analyst signs the list with a

digital signature and gives the initiator a pseudonym. Henceforth the initiator interacts with the responder using

his pseudonym.

2. RELATED WORK

The scenario with multiple users, who, while remaining anonymous to the organizations, manage to transfer

credentials from one organization to another, was first introduced by Chaum [7]. Subsequently, Chaum and

Evertse [6] proposed a solution that is based on the existence of a semi-trusted third party who is involved in all

transactions. However, the involvement of a semi-trusted third party is undesirable.

The scheme later proposed by Damgard [9] employs general complexity-theoretic primitives (one-way

functions and zero-knowledge proofs) and is therefore not applicable for practical use. Moreover, it does not

protect organizations against colluding users. The scheme proposed by Chen [8] is based on discrete-logarithm-

based blind signatures. It does not address the problem of colluding users. Another drawback of her scheme and

the other practical schemes previously proposed is that to use a credential several times, a user needs to obtain

several signatures from the issuing organization. Lysyanskaya, Rivest, Sahai, and Wolf [11] propose a general

credential system. While their general solution captures many of the desirable properties, it is not usable in

practice because their constructions are based on one-way functions and general zero-knowledge proofs. Their

practical construction, based on a non-standard discrete-logarithm-based assumption, has the same problem as

the one due to Chen [8]: a user needs to obtain several signatures from the issuing organization in order to use

unlinkably a credential several times.

Other related work is that of Brands [4] who provides a certificate system in which a user has control over what

is known about the attributes of a pseudonym. Although a credential system with one-show credentials can be

inferred from his framework, obtaining a credential system with multi-show credentials is not immediate and

may in fact be impossible in practice. Another inconvenience of these and the other discrete-logarithm-based

schemes mentioned above is that all the users and the certification authorities in these schemes need to share the

same discrete logarithm group. The concept of revocable anonymity is found in electronic payment systems

(e.g., [5, 14]) and group signature and identity escrow (e.g., [1, 3, 2, 12] schemes. Prior to our work, the

problem of constructing a practical system with multiple-use credentials eluded researchers for some time [4, 8,

9, 11]. We solve it by extending ideas found in the constructions of strong-RSA-based signature schemes [10,

13] and group signature schemes [1].

3. PROPOSAL

In addition to the three main entities i.e, the initiator, the certification authority and the responder we include an

additional entity i.e the trustee. The trustee is a third party individual/organization that the user trusts. Instead of

revealing his credentials to the certification authority, the user approaches a trustee to whom he reveals the

necessary credentials. The trustee provides the user with a pseudo name. The trustee then approaches the CA for

the certificate.

Page 5: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

45

The responder keeps track of all the users’ activities and if it tracks one of the users trying to misbehave, it

blacklists that user. The responder maintains a table containing a list of blacklisted and white listed users. The

responder then contacts the respective certification authority and notifies it about the misbehavior. The CA after

investigation revokes the user’s certificate. If any user who is listed as a blacklisted user tries to contact the CA

for renewal of certificate, the CA rejects the request.

The trustee uses sha-1 algorithm to generate pseudo name (hash). The responder meanwhile keeps track of

user’s activities. If any user tries to misbehave, he is blacklisted.

To blacklist the user, the responder should store the login and logout times of each user. If any malpractice is

observed, the responder can check the time at which the site was compromised and compare it with the login

and logout times of the user. Then the responder can make a list of users who were using the site when the

malpractice occurred .the responder can add these names under suspicious list. Then based on the content of the

information compromised or severity of damage, the responder can decide the action to be taken. If the users

name appears more than once in the suspicious list the user’s activities are carefully scrutinized by the

responder. The responder can maintain a threshold such that if the number of times the users name appears in

the suspicious list crosses the threshold value, the user can be blacklisted.

3.1GENERATION OF CERTIFICATE USING OPEN SSL

Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security over

the Internet SSL encrypts the segments of network connections above the Transport Layer, using asymmetric

cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for

message integrity. Several versions of the protocol are in widespread use in applications such as web

browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

ALGORITHMS USED

3.1.1SHA-1 ALGORITHM

In cryptography, SHA-1 is a cryptographic hash function designed by the United States National Security

Agency and published by the United States NIST as a U.S. Federal Information Processing Standard. SHA

stands for "secure hash algorithm". The three SHA algorithms are structured differently and are distinguished

as SHA-0, SHA-1, and SHA-2. SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash

specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications.

SHA-2 on the other hand significantly differs from the SHA-1 hash function. SHA-1 is the most widely used of

the existing SHA hash functions, and is employed in several widely used security applications and protocols, as

well as a consistency checker in Git. In 2005, security flaws were identified in SHA-1, namely that a

mathematical weakness might exist, indicating that a stronger hash function would be desirable.

3.2.2RSA- ALGORITHM

RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large

integers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first

publicly described it in 1978. A user of RSA creates and then publishes the product of two large prime numbers,

Page 6: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

46

along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the

public key to encrypt a message, but with currently published methods, if the public key is large enough, only

someone with knowledge of the prime factors can feasibly decode the message.

4. RESULTS AND DISCUSSION

The trustee can use a wamp server with an inbuilt phpmyadmin database. The user enters his credentials on the

web page created by trustee. The trustee after verifying these credentials provides a pseudo name to the user.

The algorithm used is sha-1.

The trustee then contacts the certification authority to request a certificate on behalf of the user. The CA can use

the SSL tool to generate the certificate.

The responder webpage can contain a provision to let the user upload the certificate or enter the certificate serial

number (it is unique to each user). After getting it verified from the CA, the responder can allow access to the

user.

The responder also must keep track of the users activities to avoid any malpractice by the user. The responder

can maintain a white list, blacklist and suspicious list. the white list contains names of valid users. The

suspicious list contains a list of users whose activities are to be carefully scrutinized. The black list contains a

list of users who are blacklisted.

4.1 IMPLEMENTATION

The trustee uses sha-1 algorithm to generate pseudoname (hash). This feature is directly available in php. For

example the code

<?php

echo hash('SHA1', 'xyz');

?>

Generates the hash :66b27417d37e024c46526c2f6d358a754fc552f3

Hence the trustee generates the hash and sends it to the user. The user uses this hash value as his pseudoname

and carries out his transactions with the responder using this pseudoname. The trustee then contacts the

certification authority for the certificate.

The certification authority can use a tool like SSL to generate the certificate. SSL is a freeware and can be

downloaded from the internet.

The following commands are used to obtain the .crt file:

1. genrsa -des3 -out server.key 1024.

2. req -key server.key -out server.csr.

3. x509 -req -days 365 -in server.csr -signkey server.key -out server.crt.

4.

� The first command is to generate the keys (Public, Private) using the des algorithm and store the output

in the file server.key which is of 1024 bits.

Page 7: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October

� The second command is used to generate a .csr file. Hence server.c

we can see that the command allow us to enter the default credentials that are shown in the details of the Digital

Certificate.

� The third command is to provide the duration of validity for the certificate.

Once the .csr file is generated we can upload it in a website (eg. Verisign, Getacert)

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976

6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

47

The second command is used to generate a .csr file. Hence server.csr file is generated. In this window

we can see that the command allow us to enter the default credentials that are shown in the details of the Digital

The third command is to provide the duration of validity for the certificate.

.csr file is generated we can upload it in a website (eg. Verisign, Getacert)

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

December (2012), © IAEME

sr file is generated. In this window

we can see that the command allow us to enter the default credentials that are shown in the details of the Digital

Page 8: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

48

The user can use this certificate to register to the responder without revealing his credentials. Here the

certificate serial number is a unique number and can be used as the primary key to identify the user.

4.2 SCREEN SHOTS

1) Trustees Page For The User To Enter e

Credentials

2) Trustee Generates Psudoname For The User.

Also Contacts The Ca For The Certificate.

Page 9: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

49

3) Registration With Responder

4) User Login

5) User Enters Login Id And Password

6) Login Id Password And Login Time Are Stored

In Responders Database

Page 10: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

50

7) Responders Site

8) Initiator Tries To Make Changes To Responders

Site

9) Initiator Updates The Changes

10) The Change Made And Time At Which The

Change Was Made Is Stored In The Responders

Database

Page 11: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

51

11)Email To Trustee About Users Misbehaviour

12) Checking the mail

5. CONCLUSION

The above graph shows that the proposal is feasible and helps to secure the site against misbehaving users. The

threshold can be selected by the responder based on the sensitivity of data contained in the site. Our proposed

work blacklists the user based on the login times that are stored in the database of the responder.

Page 12: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

52

6. REFERENCES

[1] Giuseppe Ateniese, Jan Camenisch, Marc Joye, and Gene Tsudik. A practical and provably secure coalition-

resistant group signature scheme. In CRYPTO, volume 1880 of LNCS, pages 255–270. Springer, 2000.

[2] David Chaum and Eug`ene van Heyst. Group signatures. In EUROCRYPT, pages 257–265, 1991.

[3] Jan Camenisch and Markus Stadler. Efficient group signature schemes for large groups (extended abstract).

In CRYPTO, volume 1294 of LNCS, pages 410–424. Springer, 1997.

[4] Stefan Brands. Rethinking Public Key Infrastructure and Digital Certificates Building in Privacy. PhD

thesis, Eindhoven Institute of Technology, Eindhoven, The Netherlands, 1999.

[5] Ernie Brickell, Peter Gemmel, and David Kravitz. Trustee-based tracing extensions to anonymous cash and

the making of anonymous change. In Proceedings of the Sixth Annual ACM-SIAMs, pages 457{466.

Association for Computing Machinery, January 1995.

[6] David Chaum and Jan-Hendrik Evertse. A secure and privacy-protecting protocol for transmitting personal

information between organizations. In M. Odlyzko, editor, Advances in Cryptology | CRYPTO '86, volume 263

of Lecture Notes in Computer Science, pages 118{167. Springer-Verlag, 1987.

[7] David Chaum. Security without identification: Transaction systems to make big brother obsolete.

Communications of the ACM, 28(10):1030{1044, October 1985.

[8] Lidong Chen. Access with pseudonyms. In E. Dawson ann J. Golic, editor, Cryptography: Policy and

Algorithms, volume 1029 of Lecture Notes in Computer Science, pages 232{243. Springer Verlag, 1995.

[9] Ivan Bjerre Damgard. Payment systems and credential mechanism with provable security against abuse by

individuals. In Shafi Goldwasser, editor, Advances in Cryptology | CRYPTO '88, volume 403 of Lecture Notes

in Computer Science, pages 328{335. Springer Verlag, 1990.

[10] Ronald Cramer and Victor Shoup. Signature schemes based on the strong rsa assumption. In Proc. 6th

ACM Conference on Computer and Communications Security,pages 46{52. ACM press, nov 1999.

[11] Anna Lysyanskaya, Ron Rivest, Amit Sahai, and Stefan Wolf. Pseudonym systems. In Howard Heys and

Carlisle Adams, editors, Selected Areas in Cryptography, volume 1758 of Lecture Notes in Computer Science.

Springer Verlag, 1999.

[12] Joe Kilian and Erez Petrank. Identity escrow. In Hugo Krawczyk, editor, Advances in Cryptology |

CRYPTO '98, volume 1642 of Lecture Notes in Computer Science, pages 169{185, Berlin, 1998. Springer

Verlag.

[13] Rosario Gennaro, Shai Halevi, and Tal Rabin. Secure hash-and-sign signatures without the random oracle.

In Jacques Stern, editor, Advances in Cryptology | EUROCRYPT '99, volume 1592 of Lecture Notes in

Computer Science, pages 123{139. Springer Verlag, 1999.

[14] Markus Stadler, Jean-Marc Piveteau, and Jan Camenisch. Fair blind signatures. In Louis C. Guillou and

Jean-Jacques Quisquater, editors, Advances in Cryptology | EUROCRYPT '95, volume 921 of Lecture Notes in

Computer Science, pages 209{219. Springer Verlag, 1995.

Page 13: Blacklisting and blocking anonymous credential users

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print),

ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME

53

Links:

• http://en.wikipedia.org/wiki/Digital_credential

• http://www.patents.com/us-7360080.html

• http://www.cosic.esat.kuleuven.be/publications/article-1513.pdf

• http://fist.mmu.edu.my/cans2010/Portals/0/Document/slides/day3/Bart_Memnink.pdf

• http://dud.inf.tudresden.de/~ben/kellermann_scholz09_anonymous_credentials_in_web_applications.pdf

Authors

Dr Avula Damodaram obtained his B.Tech. Degree in CSE in 1989, M.Tech. in CSE in 1995 and Ph.D in

Computer Science in 2000 all from JNTUH, Hyderabad. His areas of interest are Computer Networks, Software

Engineering, Data Mining and Image Processing. He has successfully guided 6 Ph.D. and 2 MS Scholars apart

from myriad M.Tech projects. He is currently guiding 9 scholars for Ph.D and 1 scholar for MS. He is on the

editorial board of 2 International Journals and a number of Course materials. He has organized as many as 30

Workshops, Short Term Courses and other Refresher and Orientation programmes. He has published 35 well

researched papers in national and International journals. He has also presented 45 papers at different National

and International conferences. On the basis of his scholarly achievements and other multifarious services, He

was honored with the award of DISTINGUISHED ACADAMICIAN by Pentagram Research Centre, India, in

January 2010.

H.Jayasree obtained her B.E. in CSE from Bangalore University and M.Tech. in CSE from JNTUH, Hyderabad

in 2001 and 2006 respectively. She is currently a Research Scholar of CSE JNTUH, Hyderabad. She is working

as Associate Professor, for Aurora’s Technological and Research Institute and has 10yrs of teaching experience

in various colleges of Hyderabad and Bangalore. Areas of research interest include Computer Networks and

Network Security.


Recommended