Deniable Anonymous Group Authentication
YALE UNIV NEW HAVEN CT DEPT OF COMPUTER SCIENCE
In some situations, users need to authenticate as distinct members of some well-defined group without revealing their individual identities: to validate and corroborate a leak, for example, or to count participants in a closed anonymous forum. Current group authentication techniques offering this capability, however, may de-anonymize users if an attacker later compromises their private keys. Addressing this under-explored risk, we present deniable anonymous group authentication (DAGA), the first anonymous authentication protocol offering proportionality, forward anonymity, and deniability in combination. To offer these properties, DAGA leverages a federation of collectively (but not individually) trusted servers. These servers collectively generate tags during authentication, which ensure client distinctness and proportionality, while cryptographically scrubbing information that could later de-anonymize clients. After an authentication round, clients and honest servers securely erase their ephemeral secrets, protecting clients from later de-anonymization even if an attacker eventually compromises all long-term client and server keys. A proof-of-concept prototype validates DAGA's practicality, authenticating a client into a 32-member group in one second, or into a 2048-member group in two minutes.
- Computer Systems Management and Standards