While the social network services (SNS) have dominate the ways that people communicate with each other on the Internet, identity impersonation remains to be a serious issue that needs to be solved due to the anonymity in the cyber network. Currently, the potential solution to the problem relies heavily on the administration from the central server, which requires intensive workload of the identity management. In this article, we propose a threshold identity authentication signature scheme to solve the impersonation problem from the protocol layer rather than software design in the traditional upper level. In our scheme, with the help of some authenticated accounts, trusted relationship can be shared in a group to other unauthenticated accounts, which largely decrease the workload of authenticating all the accounts. Users are given the ability to verify other accounts' identity information by their signatures. Then, we establish three security goals to prevent the malicious adversary to launch the impersonation attack on a group. We claim that our scheme is suitable for the SNS scenario since the procedure of generating a signature to prove the identity requires little computation cost, it is user-friendly especially on the lightweight devices such as mobile devices and so on.

中文翻译：

---

阈值身份认证签名：社交网络服务中的假冒防范

虽然社交网络服务 (SNS) 已经主导了人们在 Internet 上相互交流的方式，但由于网络网络的匿名性，身份冒充仍然是一个需要解决的严重问题。目前，该问题的潜在解决方案在很大程度上依赖于中央服务器的管理，这需要大量的身份管理工作量。在本文中，我们提出了一种门限身份认证签名方案，从协议层而不是传统上层的软件设计来解决冒充问题。在我们的方案中，借助一些经过认证的账户，可以将信任关系分组共享给其他未经认证的账户，大大减少了对所有账户进行认证的工作量。用户可以通过签名验证其他帐户的身份信息。然后，我们建立了三个安全目标来防止恶意对手对一个群体发起假冒攻击。我们声称我们的方案适用于 SNS 场景，因为生成签名以证明身份的过程需要很少的计算成本，它是用户友好的，特别是在移动设备等轻量级设备上。