An Improved Trust Negotiation Protocol with Hidden Credentials

Hidden credentials are widely used for strangers in open environments to establish mutual trust without actually disclosing credentials and policies. With these schemes, sensitive resource and policies are protected against being leaked to unqualified recipients. However, an adversary is able to tamper negotiation messages or flood error messages to the recipient. Because the traditional protocol with hidden credentials omits integrity and authentication protection, the recipient still tries each of his credentials to decrypt the message. These will add the recipient's computational overhead and result in potential threats to the protocol. In this paper, we develop an improved trust negotiation protocol to prevent such attack. Compared with previously proposed trust negotiation protocol, our protocol uses cryptographic authentication mechanisms which can help the recipient to detect any modification and identify hostile sender. We also discuss the security and performance of the improved protocol.