Paper 2021/838

Anonymous and Distributed Authentication for Peer-to-Peer Networks

Pasan Tennakoon, Supipi Karunathilaka, Rishikeshan Lavakumar, and Janaka Alawatugoda

Abstract

Well-known authentication mechanisms such as Public-key Infrastructure (PKI) and Identity-based Public-key Certificates (ID-PKC) are not suitable to integrate with the peer-to-peer (P2P) network environment. The reason is the difficulty in maintaining a centralized authority to manage the certificates. The authentication becomes even harder in an anonymous environment. We present three authentication protocols such that the users can authenticate themselves in an anonymous P2P network, without revealing their identities. Firstly, we propose a way to use existing ring signature schemes to obtain anonymous authentication. Secondly, we propose an anonymous authentication scheme utilizing secret sharing schemes. Finally, we propose a zero-knowledge-based anonymous authentication protocol. We provide security justifications of the three protocols in terms of anonymity, completeness, soundness, resilience to impersonation attacks, and resilience to replay attacks.

Note: This article is based on the final year undergraduate research project carried out by Pasan, Supipi, and Rishikeshan under the supervision of Janaka, at the Department of Computer Engineering, University of Peradeniya, Sri Lanka. The authors acknowledge Douglas Stebila for his valuable comments. Project page: https://cepdnaclk.github.io/e15-4yp-anonymous-authentication Git repository: https://github.com/cepdnaclk/e15-4yp-anonymous-authentication