Instant messaging has become one of the most used methods of communication online, which has attracted significant attention to its underlying cryptographic protocols and security guarantees. Techniques to increase privacy such as End-to-End Encryption and pseudonyms have been introduced. However, online spaces such as messaging groups still require moderation to prevent misbehaving users from participating in them, particularly in anonymous contexts.. In Anonymous Blocklisting (AB) schemes, users must prove during authentication that none of their previous pseudonyms has been blocked, preventing misbehaving users from creating new pseudonyms. In this work we propose an alternative \textit{Federated Anonymous Blocklisting} (FAB) in which the centralised Service Provider is replaced by small distributed Realms, each with its own blocklist. Realms can establish trust relationships between each other, such that when users authenticate to a realm, they must prove that they are not banned in any of its trusted realms. We provide an implementation of our proposed scheme; unlike existing AB constructions, the performance of ours does not depend on the current size of the blocklist nor requires processing new additions to the blocklist. We also demonstrate its applicability to real-world messaging groups by integrating our FAB scheme into the Messaging Layer Security protocol.

翻译：即时消息传递已成为在线通信中最常用的方法之一，这使其底层加密协议与安全保障受到广泛关注。诸如端到端加密和假名等增强隐私的技术已被引入。然而，消息群组等在线空间仍需进行管理，以防止行为不当的用户参与其中，尤其是在匿名环境中。在匿名封禁方案中，用户必须在身份验证时证明其所有先前使用的假名均未被封禁，从而阻止行为不当的用户创建新的假名。在本研究中，我们提出了一种替代方案——联邦匿名封禁，其中集中式服务提供商被替换为小型分布式领域，每个领域拥有独立的封禁列表。领域之间可建立信任关系，使得用户向某一领域进行身份验证时，必须证明其在该领域所有受信任的领域中均未被封禁。我们提供了所提方案的实现；与现有匿名封禁架构不同，本方案的性能不依赖于当前封禁列表的规模，也无需处理封禁列表的新增条目。通过将联邦匿名封禁方案集成至消息层安全协议，我们还论证了其在现实世界消息群组中的适用性。