Federated Anonymous Blocklisting across Service Providers and its Application to Group Messaging

TL;DR

This paper introduces a federated anonymous blocklisting scheme for messaging groups that enhances privacy and scalability, allowing users to prove they are not blocked across multiple trusted realms without performance degradation.

Contribution

It proposes a novel federated blocklisting scheme replacing centralized authorities, with an implementation that maintains performance regardless of blocklist size and integrates with messaging protocols.

Findings

The scheme's performance is independent of blocklist size.

Users can prove non-blocked status across multiple trusted realms.

The approach is applicable to real-world messaging group security.

Abstract

Instant messaging has become one of the most used methods of communication online, which has attracted significant attention to its underlying cryptographic protocols and security guarantees. Techniques to increase privacy such as End-to-End Encryption and pseudonyms have been introduced. However, online spaces such as messaging groups still require moderation to prevent misbehaving users from participating in them, particularly in anonymous contexts.. In Anonymous Blocklisting (AB) schemes, users must prove during authentication that none of their previous pseudonyms has been blocked, preventing misbehaving users from creating new pseudonyms. In this work we propose an alternative Federated Anonymous Blocklisting (FAB) in which the centralised Service Provider is replaced by small distributed Realms, each with its own blocklist. Realms can establish trust relationships between each other, such that when users authenticate to a realm, they must prove that they are not blocked in any of its trusted realms. We provide an implementation of our proposed scheme; unlike existing AB constructions, the performance of ours does not depend on the current size of the blocklist nor requires processing new additions to the blocklist. We also demonstrate its applicability to real-world messaging groups by integrating our FAB scheme into the Messaging Layer Security protocol.