This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2017
7th of June 2017 at the ILEC Conference Centre 47 Lillie Road, London, SW6 1UD

Welcome to our schedule for the day! For more details on the talks, workshops, please visit our website.
View analytic
Wednesday, June 7 • 16:45 - 17:30
Truly Anonymous Credentials Using Modern Cryptography

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
When using anonymous networks like Tor or I2P, one problem is always how to prevent spam/DoS attacks when you cannot distinguish one entity from another, and hence cannot limit them without either compromising their anonymity by requiring registration of some kind, or requiring captcha-like challenges which are time consuming to implement and usually only a temporary solution at best.

Here I introduce a new kind of authentication system based on homomorphic properties of elliptic curve cryptography and zero knowledge proofs called "Linkable Ring Signatures". It allows one to add their public key to a larger group of existing public keys, called a "ring", and sign using the entire "ring" of keys + private key in such a way that no one can tell which private key has signed the message, but can mathematically verify that it was one private key corresponding to one of the public keys in the ring. On top of that, it allows a verifier that only has access to the public keys in the ring to make sure that for any one [message, ring] pair, a private key has only signed it once - duplicate signatures for the same message are detectable.

This allows for limiting interactions from any party holding one of these access keys (to say, one message per minute per key), without the party losing any anonymity as their signature is indistinguishable from any other party in the ring.

Furthermore, because ring signatures use a cryptographic component called "zero knowledge proofs", signing reveals zero information about the private key - hence no matter how many signatures are generated, it is impossible to use them to try to forge messages or fingerprint/bruteforce the signer key. The proof of this will be shown in the talk.

In this talk I will walk through the cryptographic primitives that make this possible, and show a demo service on Tor/I2P that implements this scheme to make an anti-spam anonymous forum.


Matthew Di Ferrante

I'm a software engineer and cryptography researcher that works on distributed systems. I've long had an interest in security, since I was in my teens, and have tried to combine it with my passion for mathematics and software engineering. Along that vein, I'm a huge supporter of p... Read More →

Wednesday June 7, 2017 16:45 - 17:30
Track 2