Publication:
(Formula presented) : Anonymous invitation-only registration in malicious adversarial model

Simple item page
dc.contributor.coauthorTaheri-Boshrooyeh, Sanaz (56926731400)
dc.contributor.coauthorKüpçü, Alptekin (26531375100)
dc.contributor.coauthorÖzkasap, Öznur (6602394621)
dc.date.accessioned2025-12-31T08:18:40Z
dc.date.available2025-12-31
dc.date.issued2025
dc.description.abstractIn invitation-based systems, a new user can register only after obtaining a threshold number of invitations from existing members. The newcomer submits these invitations to the system administrator, who verifies their legitimacy. In doing so, the administrator inevitably learns who invited whom. This inviter–invitee relationship is itself privacy-sensitive information, since knowledge of it can enable inference attacks in which an invitee’s profile (e.g., political views or location) is deduced from the profiles of their inviters. To address this problem, we propose (Formula presented), an anonymous invitation-based system in which even a corrupted administrator, colluding with a subset of members, cannot determine inviter–invitee relationships. We formally define the notions of inviter anonymity and invitation unforgeability, and provide formal proofs that (Formula presented) achieves both against a malicious and adaptive adversary. Our design ensures constant cost for authenticating new registrations, unlike existing approaches where invitation generation and verification incur overhead linear in the total number of members. Moreover, (Formula presented) scales efficiently: once a user joins, the administrator can immediately issue credentials enabling the newcomer to act as an inviter without re-keying existing members. We also design (Formula presented), a cross-network extension that supports anonymous third-party authentication, allowing invitations issued in one system to be used for registration in another. © 2025 Elsevier B.V., All rights reserved.
dc.description.fulltextYes
dc.description.harvestedfromManual
dc.description.indexedbyScopus
dc.description.publisherscopeInternational
dc.description.readpublishN/A
dc.description.sponsoredbyTubitakEuN/A
dc.identifier.doi10.1016/j.jnca.2025.104337
dc.identifier.eissn1084-8045
dc.identifier.embargoNo
dc.identifier.issn1095-8592
dc.identifier.quartileN/A
dc.identifier.scopus2-s2.0-105018073613
dc.identifier.urihttps://doi.org/10.1016/j.jnca.2025.104337
dc.identifier.urihttps://hdl.handle.net/20.500.14288/31382
dc.identifier.volume244
dc.keywordsAnonymity
dc.keywordsCross-network invitation
dc.keywordsIntegrity
dc.keywordsInvitation-based system
dc.keywordsMalicious adversary
dc.keywordsThird-party authentication
dc.keywordsUnforgeability
dc.language.isoeng
dc.publisherAcademic Press
dc.relation.affiliationKoç University
dc.relation.collectionKoç University Institutional Repository
dc.relation.ispartofJournal of Network and Computer Applications
dc.relation.openaccessYes
dc.rightsCC BY-NC-ND (Attribution-NonCommercial-NoDerivs)
dc.rights.urihttps://creativecommons.org/licenses/by-nc-nd/4.0/
dc.title(Formula presented) : Anonymous invitation-only registration in malicious adversarial model
dc.typeJournal Article
dspace.entity.typePublication

Files

Collections

Publications without Fulltext