Paper 2017/1106
Formal Analysis of a TTP-Free Blacklistable Anonymous Credentials System (Full Version)
Weijin Wang, Yu Qin, Jingbin Liu, and Dengguo Feng
Abstract
This paper firstly introduces a novel security definition for BLAC-like schemes (BLAC represents TTP-free BLacklist-able Anonymous Credentials) in the symbolic model using applied pi calculus, which is suitable for automated reasoning via a certain formal analysis tool. We model the definitions of some common security properties: authenticity, non-framebility, mis-authentication resistance and privacy (anonymity and unlinkability). Then the case study of these security definitions is demonstrated by modelling and analyzing BLACR (BLAC with Reputation) system. We verify these security properties by Blanchet’s ProVerif and a ZKP (Zero-Knowledge Proof) compiler developed by Backes et al.. In particular, we model and analyze the express-lane authentication in BLACR system. The analysis discovers a known attack that can be carried out by any potential user. This attack allows a user escaping from being revoked as he wishes. We provide a revised variant that can be proved successfully by ProVerif as well, which also indicates that the fix provided by ExBLACR (Extending BLACR) is incorrect.
Note: I miss adding “and” between the authors’ names
Metadata
- Available format(s)
-
PDF
- Publication info
- Published elsewhere. Minor revision. ICICS 2017 (will appear)
- Keywords
- Formal analysisAnonymous CredentialProVerifBLACR
- Contact author(s)
- wangweijin @ tca iscas ac cn
- History
- 2017-11-20: received
- Short URL
- https://ia.cr/2017/1106
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/1106,
author = {Weijin Wang and Yu Qin and Jingbin Liu and Dengguo Feng},
title = {Formal Analysis of a {TTP}-Free Blacklistable Anonymous Credentials System (Full Version)},
howpublished = {Cryptology {ePrint} Archive, Paper 2017/1106},
year = {2017},
url = {https://eprint.iacr.org/2017/1106}
}
