Instant messaging has become one of the most used methods of communication online, which has attracted significant attention to its underlying cryptographic protocols and security guarantees. Techniques to increase privacy such as End-to-End Encryption and pseudonyms have been introduced. However, online spaces such as messaging groups still require moderation to prevent misbehaving users from participating in them, particularly in anonymous contexts.. In Anonymous Blocklisting (AB) schemes, users must prove during authentication that none of their previous pseudonyms has been blocked, preventing misbehaving users from creating new pseudonyms. In this work we propose an alternative Federated Anonymous Blocklisting (FAB) in which the centralised Service Provider is replaced by small distributed Realms, each with its own blocklist. Realms can establish trust relationships between each other, such that when users authenticate to a realm, they must prove that they are not blocked in any of its trusted realms. We provide an implementation of our proposed scheme; unlike existing AB constructions, the performance of ours does not depend on the current size of the blocklist nor requires processing new additions to the blocklist. We also demonstrate its applicability to real-world messaging groups by integrating our FAB scheme into the Messaging Layer Security protocol.

翻译：即时消息已成为在线通信中最常用的方法之一，其底层的密码协议和安全保障吸引了广泛关注。端到端加密和假名等增强隐私的技术已被引入。然而，消息群组等在线空间仍需审核，以防止不当行为用户参与其中，尤其在匿名场景下更为重要。在匿名封禁列表方案中，用户必须在身份验证时证明其先前的任何假名未被封禁，从而阻止不当行为用户创建新假名。本文提出了一种替代方案——联邦匿名封禁列表方案，其中中心化的服务提供商被小型分布式“领域”所取代，每个领域维护各自的封禁列表。领域之间可建立信任关系，使得用户向某个领域认证时，必须证明其未被该领域的任何受信任领域封禁。我们实现了所提出的方案；与现有匿名封禁列表构建不同，我们的性能既不依赖于当前封禁列表的大小，也无需处理封禁列表的新增项。通过将联邦匿名封禁列表方案集成到消息层安全协议中，我们还展示了其在真实世界消息群组中的适用性。