基于直接匿名证明的k次属性认证方案

柳欣; 徐秋亮; 张斌; 张波

doi:10.11959/j.issn.1000-436x.2018279

您当前的位置：

首页 >

文章列表页 >

基于直接匿名证明的k次属性认证方案

学术论文 | 更新时间：2024-06-05

- 基于直接匿名证明的k次属性认证方案
- k-times attribute-based authentication scheme using direct anonymous attestation
- 通信学报 2018年39卷第12期页码：113-133
- 作者机构：
  
  1. 山东青年政治学院信息工程学院，山东济南 250103
  2. 山东省高校信息安全与智能控制重点实验室（山东青年政治学院），山东济南 250103
  3. 山东大学软件学院，山东济南 250101
  4. 济南大学信息科学与工程学院，山东济南 250022
- 作者简介：
  
  [ "柳欣（1978−），男，山东广饶人，博士，山东青年政治学院副教授，主要研究方向为密码学与信息安全。" ]
  [ "徐秋亮（1960−），男，山东淄博人，山东大学教授、博士生导师，主要研究方向为密码学与信息安全。" ]
  [ "张斌（1975−），男，山东济南人，博士，山东青年政治学院讲师，主要研究方向为密码学与信息安全。" ]
  [ "张波（1981−），男，山东德州人，博士，济南大学讲师，主要研究方向为密码学与信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(No.61173139);山东省自然科学基金资助项目(No.ZR2015FL023);山东省自然科学基金资助项目(No.ZR2014FL011);山东省自然科学基金资助项目(No.ZR2015FL022);山东省高等学校科学技术计划基金资助项目(No.J17KA081);山东省高等学校科学技术计划基金资助项目(No.J15LN16);山东省高等学校科学技术计划基金资助项目(No.J13LN23);山东青年政治学院博士科研启动经费资助项目(No.14A007)
- DOI：10.11959/j.issn.1000-436x.2018279
  中图分类号： TP393
- 网络出版日期：2018-12，
  
  纸质出版日期：2018-12-25
- 稿件说明：
移动端阅览
柳欣, 徐秋亮, 张斌, 等. 基于直接匿名证明的k次属性认证方案[J]. 通信学报, 2018,39(12):113-133.

Xin LIU, Qiuliang XU, Bin ZHANG, et al. k-times attribute-based authentication scheme using direct anonymous attestation[J]. Journal on communications, 2018, 39(12): 113-133.
柳欣, 徐秋亮, 张斌, 等. 基于直接匿名证明的k次属性认证方案[J]. 通信学报, 2018,39(12):113-133. DOI： 10.11959/j.issn.1000-436x.2018279.

Xin LIU, Qiuliang XU, Bin ZHANG, et al. k-times attribute-based authentication scheme using direct anonymous attestation[J]. Journal on communications, 2018, 39(12): 113-133. DOI： 10.11959/j.issn.1000-436x.2018279.

摘要

当前，已有k次属性认证（简称k-TABA）方案以及相关属性认证方案的主要缺点是认证子协议的运算复杂度依赖于属性认证策略的规模，而且并未考虑成员废除和属性更新问题。基于直接匿名证明、集合成员身份证明和密文策略属性加密技术构造了新的k-TABA方案。为了进一步优化用户端运算效率，首先对底层属性加密方案进行修改，然后利用Green等的密钥绑定技术对解密过程进行外包。该方案不但可部署于可信平台，而且支持可表述性认证策略。此外，该方案满足多个理想性质，诸如注册过程可验证性、成员废除和属性更新等。该方案最显著的性能优势是用户在认证阶段的运算开销为常数。

Abstract

s: At present

the main drawbacks of existing k-times attribute-based authentication (abbreviated to k-TABA) schemes and related attribute-based authentication schemes are that the computation cost of the authentication process depends on the size of the access formula and none of these schemes considers the problems of member revocation and attribute update. A new k-TABA scheme was constructed based on the building blocks of direct anonymous attestation

set membership proof and ciphertext-policy attribute-based encryption. Moreover

in order to reduce user's calculation as much as possible

the underlying attribute-based encryption scheme was modified

and then the main decryption operations were outsourced by using the key binding technique of Green et al. The new scheme can be deployed on a trusted platform and support expressive authentication policies. In addition

it also satisfies several ideal properties

such as registration process verifiability

member revocation

attribute update

and so on. The significant performance advantage of the new scheme is that the computation overhead of the user in the authentication phase is constant.

关键词

Keywords

references

李顺东，窦家维，王道顺 . 同态加密算法及其在云安全中的应用 [J ] . 计算机研究与发展， 2015 , 52 ( 6 ): 1378 - 1388 .

LI S D , DOU J W , WANG D S . Survey on homomorphic encryption and its applications to cloud security [J ] . Journal of Computer Research and Development , 2015 , 52 ( 6 ): 1378 - 1388 .

张凯，马建峰，李辉，等 . 支持高效撤销的多机构属性加密方案 [J ] . 通信学报， 2017 , 38 ( 3 ): 83 - 91 .

ZHANG K , MA J F , LI H , et al . Multi-authority attribute-based encryption with efficient revocation [J ] . Journal on Communications , 2017 , 38 ( 3 ): 83 - 91 .

ZHOU J , CAO Z F . PSCPA: patient self-controllable privacy-preserving cooperative authentication in distributed m-healthcare systems [R ] . IACR Cryptology ePrint Archive: Report . 2012 / 044 .

LI M , HUANG X Y , LIU J K , et al . Matrix-valued and quaternion wavelets [J ] . International Journal of Embedded Systems , 2015 , 7 ( 3 - 4 ): 191 - 202 .

CAMENISCH J , DRIJVERS M , HAJNY J . Scalable revocation scheme for anonymous credentials based on n-times unlinkable proofs [C ] // the 2016 ACM on Workshop on Privacy in the Electronic Society, WPES 2016 . 2016 : 123 - 133 .

NGUYEN L . Efficient dynamic k-times anonymous authentication [C ] // First International Conference on Cryptology in Vietnam, VIETCRYPT 2006 . Hanoi, Vietnam , 2006 : 81 - 98 .

柳欣，徐秋亮 . 不可克隆的动态 k 次匿名认证方案 [J ] . 通信学报， 2012 , 33 ( 7 ): 75 - 89 .

LIU X , XU Q L . Unclonable dynamic k-times anonymous authentication [J ] . Journal on Communications , 2012 , 33 ( 7 ): 75 - 89 .

LIAN Y , HUANG X Y , MU Y . SA 3: Self-adaptive anonymous authentication for dynamic authentication policies [J ] . Future Generation Computer Systems , 2014 , 30 ( 1 ): 133 - 139 .

MAJI H K , PRABHAKARAN M , ROSULEK M . Attribute-based signatures [C ] // The Cryptographers' Track at the RSA Conference 2011, CT-RSA 2011 . Hanoi, Vietnam , 2011 : 376 - 392 .

YANG H , OLESHCHUK V A . An efficient traceable attribute-based authentication scheme with one-time attribute trees [C ] // 20th Nordic Conference, NordSec 2015 . 2015 : 123 - 135 .

YANG H , OLESHCHUK V A . A dynamic attribute-based authentication scheme [C ] // International Conference on Codes, Cryptology, and Information Security, C2SI 2015. . 2015 : 106 - 118 .

LI J , CHEN X F , HUANG X Y . New attribute-based authentication and its application in anonymous cloud access service [J ] . International Journal of Web and Grid Services , 2015 , 11 ( 1 ): 125 - 141 .

YUEN T H , LIU J K , AU M H , et al . K-times attribute-based anonymous access control for cloud computing [J ] . IEEE Transactions on Computers , 2015 , 64 ( 9 ): 2595 - 2608 .

BRICKELL E , CHEN L , LI J . Simplified security notions of direct anonymous attestation and a concrete scheme from pairings [J ] . International journal of information security , 2009 , 8 ( 5 ): 315 - 330 .

CHEN L . A DAA scheme requiring less TPM resources [C ] // 5th International Conference on Information Security and Cryptology . 2010 : 350 - 365 .

DESMOULINS N , LESCUYER R , SANDERS O , et al . Direct anonymous attestations with dependent basename opening [C ] // the International Conference on Cryptology and Network Security . 2014 : 206 - 221 .

BRICKELL E , CHEN L , LI J . A static Diffie-Hellman attack on several direct anonymous attestation schemes [C ] // 4th International Conference on Trusted Systems, INTRUST 2012 . 2012 : 95 - 111 .

XI L , YANG Y , ZHANG Z F , et al . A static Diffie-Hellman attack on several direct anonymous attestation schemes [C ] // the International Conference on Trust and Trustworthy Computing, TRUST 2014 . 2014 : 1 - 18 .

ZHANG P , CHEN Z H , LIANG K T , et al . A cloud-based access control scheme with user revocation and attribute update [C ] // the Australasian Conference on Information Security and Privacy, ACISP 2016 . 2016 : 525 - 540 .

ARFAOUI G , LALANDE J F , TRAORÉ J , et al . A practical set-membership proof for privacy-preserving NFC mobile ticketing [C ] // 15th International Symposium on Privacy Enhancing Technologies, PETS 2015 . Philadelphia . 2015 : 25 - 45 .

GREEN M , HOHENBERGER S , WATERS B . Outsourcing the decryption of abe ciphertexts [C ] // The USENIX Security Symposium 2011 . San Francisco, CA, USA . 2011 : 3 - 18 .

BONEH D , BOYEN X . Short signatures without random oracles and the SDH assumption in bilinear groups [J ] . Journal of Cryptology , 2008 , 21 ( 2 ): 149 - 177 .

LAI J Z , DENG R H , GUAN C , et al . Attribute-based encryption with verifiable outsourced decryption [J ] . IEEE Transactions on Information Forensics and Security , 2013 , 8 ( 8 ): 1343 - 1354 .

CAMENISCH J , HOHENBERGER S , PEDERSEN M Ø . Batch verification of short signatures [J ] . IEEE Transactions on Information Forensics and Security , 2012 , 25 ( 4 ): 723 - 747 .

GOYAL V , PANDEY O , SAHAI A , et al . Attribute-based encryption for fine-grained access control of encrypted data [C ] // 13th ACM conference on Computer and communications security, CCS 2006 . Alexandria . 2006 : 89 - 98 .

CHEN L , MORRISSEY P , SMART N P . Pairings in trusted computing [C ] // 13th ACM conference on Computer and communications security, CCS 2006 . International Conference on Pairing-Based Cryptography, Pairing 2008 . 2008 : 1 - 17 .

LI J , AU M H , SUSILO W , et al . Attribute-based signature and its applications [C ] // 13th ACM conference on Computer and communications security, CCS 2006 . 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010 . 2010 : 60 - 69 .

浏览量

818

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

支持访问策略部分隐藏的CP-ABE方案

面向云存储的属性基双边访问控制方案

基于DAA的轻量级多商家多重息票系统