While the social network services (SNS) have dominate the ways that people communicate with each other on the Internet, identity impersonation remains to be a serious issue that needs to be solved due to the anonymity in the cyber network. Currently, the potential solution to the problem relies heavily on the administration from the central server, which requires intensive workload of the identity management. In this article, we propose a threshold identity authentication signature scheme to solve the impersonation problem from the protocol layer rather than software design in the traditional upper level. In our scheme, with the help of some authenticated accounts, trusted relationship can be shared in a group to other unauthenticated accounts, which largely decrease the workload of authenticating all the accounts. Users are given the ability to verify other accounts' identity information by their signatures. Then, we establish three security goals to prevent the malicious adversary to launch the impersonation attack on a group. We claim that our scheme is suitable for the SNS scenario since the procedure of generating a signature to prove the identity requires little computation cost, it is user‐friendly especially on the lightweight devices such as mobile devices and so on.
|Journal||Concurrency and Computation: Practice & Experience|
|Number of pages||9|
|Publication status||Accepted/In press - 2020|
- Social network service
- Secret sharing
- Threshold group signature
Chen, Z., Chen, J., & Meng, W. (Accepted/In press). Threshold identity authentication signature: Impersonation prevention in social network services. Concurrency and Computation: Practice & Experience, [e5787]. https://doi.org/10.1002/cpe.5787